Abstract. Dynamic compilation systems are of fundamental importance to high performance execution of interpreted languages such as Java. These systems analyse the performance of an application at runtime and aggressively re-compile and optimise code which is deemed critical to performance. However, the premise that the code executed is not the same code as written by the programmer raises a number of important security concerns. In this paper we examine the specific problem that dynamic compilation, through transformation of the code, may introduce side-channel vulnerabilities where before there were none.
Code diversification has been proposed as a technique to mitigate code reuse attacks, which have rec...
Dynamic binary translation looks to map one computer architecture to another. Java is unusual in tha...
International audienceSecure compilation is a discipline aimed at developing compilers that preserve...
Side-channel attacks are a concrete and practical threat to the security of computing systems, rangi...
We interact with computer systems daily if not hourly, trusting them with our sensitive data. Comput...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Our society is increasingly dependent on computer systems. Ensuring their security is essential to a...
Existing compiler techniques can transform code to make its timing behavior independent of sensitive...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
International audienceWe propose a new formal criterion for evaluating secure compilation schemes fo...
Program Vulnerabilities may be unwarranted for any organization and may lead to severe system failur...
Dynamic code evolution is a technique to update a program while it is running. In an object-oriented...
Side channels are unintended indirect flows of infor-mation revealed by physical executions of a com...
ABSTRACT. In Java’s first year it has become clear that many of the problems posed by executable con...
There is implicit trust involved when using computer software. Open-source software attempts to insp...
Code diversification has been proposed as a technique to mitigate code reuse attacks, which have rec...
Dynamic binary translation looks to map one computer architecture to another. Java is unusual in tha...
International audienceSecure compilation is a discipline aimed at developing compilers that preserve...
Side-channel attacks are a concrete and practical threat to the security of computing systems, rangi...
We interact with computer systems daily if not hourly, trusting them with our sensitive data. Comput...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Our society is increasingly dependent on computer systems. Ensuring their security is essential to a...
Existing compiler techniques can transform code to make its timing behavior independent of sensitive...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
International audienceWe propose a new formal criterion for evaluating secure compilation schemes fo...
Program Vulnerabilities may be unwarranted for any organization and may lead to severe system failur...
Dynamic code evolution is a technique to update a program while it is running. In an object-oriented...
Side channels are unintended indirect flows of infor-mation revealed by physical executions of a com...
ABSTRACT. In Java’s first year it has become clear that many of the problems posed by executable con...
There is implicit trust involved when using computer software. Open-source software attempts to insp...
Code diversification has been proposed as a technique to mitigate code reuse attacks, which have rec...
Dynamic binary translation looks to map one computer architecture to another. Java is unusual in tha...
International audienceSecure compilation is a discipline aimed at developing compilers that preserve...