Back to Search
Start Over
JITDefender: A Defense against JIT Spraying Attacks
- Source :
- IFIP Advances in Information and Communication Technology ISBN: 9783642214233, SEC
- Publication Year :
- 2011
- Publisher :
- Springer Berlin Heidelberg, 2011.
-
Abstract
- JIT spraying is a new code-reuse technique to attack virtual machines based on JIT (Just-in-time) compilation. It has proven to be capable of circumventing the defenses such as data execution prevention (DEP) and address space layout randomization(ASLR), which are effective for preventing the traditional code injection attacks. In this paper, we describe JITDefender, an enhancement of standard JIT-based VMs, which can prevent the attacker from executing arbitrary JIT compiled code on the VM. Thereby JITDefender can block JIT spraying attacks. We prove the effectiveness of JITDefender by demonstrating that it can successfully prevent existing JIT spraying exploits. JITDefender reports no false positives when run over benign actionscript/javascript programs. In addition, we show that the performance overhead of JITDefender is low.
- Subjects :
- Address space layout randomization
Computer science
business.industry
JIT spraying
computer.software_genre
Computer security
JavaScript
Virtual machine
Embedded system
Overhead (computing)
Software_PROGRAMMINGLANGUAGES
business
computer
Machine code
Compiled language
computer.programming_language
Block (data storage)
Subjects
Details
- ISBN :
- 978-3-642-21423-3
- ISBNs :
- 9783642214233
- Database :
- OpenAIRE
- Journal :
- IFIP Advances in Information and Communication Technology ISBN: 9783642214233, SEC
- Accession number :
- edsair.doi...........cd91a80ae3c705e628bf32302fef27b7
- Full Text :
- https://doi.org/10.1007/978-3-642-21424-0_12