JRed: Program Customization and Bloatware Mitigation Based on Static Analysis

Yufei Jiang, Dinghao Wu, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

29 Scopus citations

Abstract

Modern software engineering practice increasingly brings redundant code into software products, which has caused a phenomenon called bloatware, leading to software system maintenance, performance and reliability issues as well as security problems. With the rapid advances of smart devices and a more connected world, it is never more important to trim bloatware to improve the leanness, agility, reliability, performance, and security of the interconnected software and network systems. Previous methods have limited scopes and are usually not fully automated. In this paper, we propose a new static-analysis-enabled approach to trimming unused code from both Java applications and Java Runtime Environment (JRE) automatically. We have built a tool called JRed on top of the Soot framework. We have conducted a fairly comprehensive evaluation of JRed based on a set of criteria: code size, code complexity, memory footprint, execution and garbage collection time, and security. Our experimental results show that, Java application size can be reduced by 44.5% on average and the JRE code can be reduced by more than 82.5% on average. The code complexity is significantly reduced according to a set of well-known metrics. Furthermore, we report that by trimming redundant code, 48.6% of the known security vulnerabilities in the Java Runtime Environment JRE 6 update 45 has been removed.

Original languageEnglish (US)
Title of host publicationProceedings - 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016
EditorsWilliam Claycomb, Dejan Milojicic, Ling Liu, Mihhail Matskin, Zhiyong Zhang, Sorel Reisman, Hiroyuki Sato, Zhiyong Zhang, Sheikh Iqbal Ahamed
PublisherIEEE Computer Society
Pages12-21
Number of pages10
ISBN (Electronic)9781467388450
DOIs
StatePublished - Aug 24 2016
Event2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016 - Atlanta, United States
Duration: Jun 10 2016Jun 14 2016

Publication series

NameProceedings - International Computer Software and Applications Conference
Volume1
ISSN (Print)0730-3157

Other

Other2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016
CountryUnited States
CityAtlanta
Period6/10/166/14/16

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Science Applications

Fingerprint Dive into the research topics of 'JRed: Program Customization and Bloatware Mitigation Based on Static Analysis'. Together they form a unique fingerprint.

Cite this