We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and to update the diversification frequently during the execution of the program. This way, we can significantly reduce the time frame in which attackers can let a program leak useful address space information and subsequently use the leaked information in memory exploits. A proof of concept implementation is evaluated, showing that even though code is recompiled frequently, we can achieved smaller overheads than the previous state of the art, which generated diversity only once during the whole execution of a program
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of eff...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...
This paper proposes a novel technique, called instruction set limitation, to strengthen the resilien...
We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and ...
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the problem focus o...
Code diversification has been proposed as a technique to mitigate code reuse attacks, which have rec...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Memory-corruption vulnerabilities pose a serious threat to modern computer security. Attackers explo...
Existing compiler techniques can transform code to make its timing behavior independent of sensitive...
Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a meth...
Just-in-time (JIT)-spraying, which first appeared in Blackhat DC 2010, is a new kind of attack techn...
International audienceAs more devices are connecting together, more effective security techniques ar...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Run-time specialization (RTS) is a technique that e#ciently generates specialized programs with resp...
Abstract—Code-reuse attacks such as return-oriented pro-gramming (ROP) pose a severe threat to moder...
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of eff...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...
This paper proposes a novel technique, called instruction set limitation, to strengthen the resilien...
We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and ...
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the problem focus o...
Code diversification has been proposed as a technique to mitigate code reuse attacks, which have rec...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Memory-corruption vulnerabilities pose a serious threat to modern computer security. Attackers explo...
Existing compiler techniques can transform code to make its timing behavior independent of sensitive...
Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a meth...
Just-in-time (JIT)-spraying, which first appeared in Blackhat DC 2010, is a new kind of attack techn...
International audienceAs more devices are connecting together, more effective security techniques ar...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Run-time specialization (RTS) is a technique that e#ciently generates specialized programs with resp...
Abstract—Code-reuse attacks such as return-oriented pro-gramming (ROP) pose a severe threat to moder...
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of eff...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...
This paper proposes a novel technique, called instruction set limitation, to strengthen the resilien...