Page deduplication is a mechanism to reduce the memory footprint of a system. Identical physical pages are identified across borders of virtual machines and programs and merged by the operating system or the hypervisor. However, this enables side-channel information leakage through cache or memory access time. Therefore, it is considered harmful in public clouds today, but it is still considered safe to use in a private environment, i.e., private clouds, personal computers, and smartphones. We present the first memory-disclosure attack in sandboxed Javascript which exploits page deduplication. Unlike previous attacks, our attack does not require the victim to execute an adversary’s program, but simply to open a website which contains the a...
JavaScript is a browser scripting language that allows developers to create sophisticated client-sid...
Malicious webpages with JavaScript code that launch attacks on web browsers have become an increasin...
Abstract—The cloud computing infrastructure relies on virtu-alized servers that provide isolation ac...
Memory deduplication, a well-known technique to reduce the memory footprint across virtual machines,...
We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast ...
A fundamental assumption in software security is that a memory location can only be modified by proc...
Memory deduplication, an OS memory optimization technique that merges identical pages into a single ...
Analysing security assumptions taken for the WebRTC and postMessage APIs led us to find a novel atta...
Abstract. Due to its flexibility and dynamic character, JavaScript has become an important tool for ...
Today’s web applications rely on the same-origin policy, the primary security policy of the Web, to ...
Modern systems rely on Address-Space Layout Ran-domization (ASLR) and Data Execution Prevention (DEP...
In today s web applications, no one disputes the important role of JavaScript asa client-side progra...
Web sites are often used for diffusing malware; an increasingly number of attacks are performed by d...
The increased use of the World Wide Web and JavaScript as a scripting language for Web pages have ma...
Abstract. The cloud computing infrastructure relies on virtualized servers that provide isolation ac...
JavaScript is a browser scripting language that allows developers to create sophisticated client-sid...
Malicious webpages with JavaScript code that launch attacks on web browsers have become an increasin...
Abstract—The cloud computing infrastructure relies on virtu-alized servers that provide isolation ac...
Memory deduplication, a well-known technique to reduce the memory footprint across virtual machines,...
We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast ...
A fundamental assumption in software security is that a memory location can only be modified by proc...
Memory deduplication, an OS memory optimization technique that merges identical pages into a single ...
Analysing security assumptions taken for the WebRTC and postMessage APIs led us to find a novel atta...
Abstract. Due to its flexibility and dynamic character, JavaScript has become an important tool for ...
Today’s web applications rely on the same-origin policy, the primary security policy of the Web, to ...
Modern systems rely on Address-Space Layout Ran-domization (ASLR) and Data Execution Prevention (DEP...
In today s web applications, no one disputes the important role of JavaScript asa client-side progra...
Web sites are often used for diffusing malware; an increasingly number of attacks are performed by d...
The increased use of the World Wide Web and JavaScript as a scripting language for Web pages have ma...
Abstract. The cloud computing infrastructure relies on virtualized servers that provide isolation ac...
JavaScript is a browser scripting language that allows developers to create sophisticated client-sid...
Malicious webpages with JavaScript code that launch attacks on web browsers have become an increasin...
Abstract—The cloud computing infrastructure relies on virtu-alized servers that provide isolation ac...