Security Analysis of Code Bloat in Machine Learning Systems

dc.contributor.authorAhmed, Fahmi Abdulqadir
dc.contributor.authorFatih, Dyako
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data och informationstekniksv
dc.contributor.examinerLeitner, Philipp
dc.contributor.supervisorHassan, Ahmed Ali-Eldin
dc.date.accessioned2022-07-07T11:57:30Z
dc.date.available2022-07-07T11:57:30Z
dc.date.issued2022sv
dc.date.submitted2020
dc.description.abstractCode bloat is a significant issue in modern software systems as they continue to increase in size and complexity. Furthermore, with the widespread adoption of containerized applications, there is an abundance of unneeded packages that suffer from a wide range of vulnerabilities. In this thesis, we analyze the prevalence of security vulnerabilities in containers used for Machine Learning (ML) systems. We consider two popular ML frameworks, namely, PyTorch and TensorFlow. Making use of container scanning tools, we observed over 100 Common Vulnerabilities and Exposures (CVE) in the tested containers. Our experiments show that debloating using Cimplifier leads to a reduction in the image sizes of up to 49% and a reduction of vulnerabilities of at least 87%. The majority of the removed CVEs can be attributed to the removal of bloat specific to redundant parts of the containers’ installed OS packages. A smaller portion of the CVEs detected in the Python packages were removed by Cimplifier.sv
dc.identifier.coursecodeDATX05sv
dc.identifier.urihttps://hdl.handle.net/20.500.12380/305124
dc.language.isoengsv
dc.setspec.uppsokTechnology
dc.subjectSecuritysv
dc.subjectDebloatingsv
dc.subjectVulnerability Scanningsv
dc.subjectMachine Learning Systemssv
dc.subjectContainerssv
dc.subjectDockersv
dc.titleSecurity Analysis of Code Bloat in Machine Learning Systemssv
dc.type.degreeExamensarbete för masterexamensv
dc.type.uppsokH
Ladda ner
Original bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
CSE 22-32 Ahmed Faith.pdf
Storlek:
1.64 MB
Format:
Adobe Portable Document Format
Beskrivning:
Master’s thesis in Computer science and engineering
License bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
license.txt
Storlek:
1.51 KB
Format:
Item-specific license agreed upon to submission
Beskrivning: