Automated software protection for the masses against side-channel attacks
We present an approach and a tool to answer the need for effective, generic, and easily
applicable protections against side-channel attacks. The protection mechanism is based on …
applicable protections against side-channel attacks. The protection mechanism is based on …
{SoK}: Make {JIT-Spray} Great Again
R Gawlik, T Holz - 12th USENIX Workshop on Offensive Technologies …, 2018 - usenix.org
Since the end of the 20th century, it has become clear that web browsers will play a crucial
role in accessing Internet resources such as the World Wide Web. They evolved into …
role in accessing Internet resources such as the World Wide Web. They evolved into …
Cima: Compiler-enforced resilience against memory safety attacks in cyber-physical systems
Memory-safety attacks have been one of the most critical threats against computing systems.
Although a wide-range of defense techniques have been developed against these attacks …
Although a wide-range of defense techniques have been developed against these attacks …
[PDF][PDF] Micro-virtualization memory tracing to detect and prevent spraying attacks
S Cristalli, M Pagnozzi, M Graziano, A Lanzi… - 25th {USENIX} Security …, 2016 - usenix.org
Spraying is a common payload delivery technique used by attackers to execute arbitrary
code in presence of Address Space Layout Randomisation (ASLR). In this paper we present …
code in presence of Address Space Layout Randomisation (ASLR). In this paper we present …
[PDF][PDF] A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations.
JIT spraying allows an attacker to subvert a Just-In-Time compiler, introducing instruction
sequences useful to the attacker into executable regions of the victim program's address …
sequences useful to the attacker into executable regions of the victim program's address …
Hardware security for just-in-time compilation in language virtual machines
Q Ducasse - 2024 - theses.hal.science
Language Virtual Machines (VMs) are the run-time environment of popular high level
managed languages. They offer portability and memory handling for the developer and are …
managed languages. They offer portability and memory handling for the developer and are …
Look ma, no constants: Practical constant blinding in GraalVM
F Berlakovich, M Neugschwandtner… - Proceedings of the 15th …, 2022 - dl.acm.org
With the advent of JIT compilers, code-injection attacks have seen a revival in the form of JIT
spraying. JIT spraying enables an attacker to inject gadgets into executable memory …
spraying. JIT spraying enables an attacker to inject gadgets into executable memory …
Glyph: Efficient ML-based detection of heap spraying attacks
F Pierazzi, S Cristalli, D Bruschi… - IEEE Transactions …, 2020 - ieeexplore.ieee.org
Heap spraying is probably the most simple and effective memory corruption attack, which
fills the memory with malicious payloads and then jumps at a random location in hopes of …
fills the memory with malicious payloads and then jumps at a random location in hopes of …
[책][B] JIT Spraying Threats on ARM and Defense by Diversification
WSW Lian - 2016 - search.proquest.com
Just-in-Time compilers offer substantial runtime performance benefits over traditional
execution methods like interpretation; and they have enjoyed widespread deployment in the …
execution methods like interpretation; and they have enjoyed widespread deployment in the …
Securing Statically and Dynamically Compiled Programs using Software Diversity
A Homescu - 2015 - escholarship.org
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the
problem focus on automated software diversity. This is a promising area of research, as …
problem focus on automated software diversity. This is a promising area of research, as …