Abstract-JIT spraying has an assured spot in an attacker's toolkit for Web browser exploitation: With JIT spraying an attacker is able to circumvent even the most sophisticated defense strategies against code injection, including address space layout randomization (ASLR), data execution prevention (DEP) and stack canaries.In this paper, we present LOBOTOMY, an architecture for building injection-safe JIT engines. LOBOTOMY is secure by design: it separates compiler and executor of a JIT engine in different processes that share the memory regions containing the compiled code. This allows us to use least-privilege access rights for both processes, preventing memory regions to be mapped with write-and execute-rights at the same time.Our proof-of-concept implementation that modifies the wellknown Firefox JIT engine Tracemonkey shows both the effectiveness and real-world feasibility of our architecture. Additionally, we provide a thorough evaluation of our version compared to an unmodified baseline and competing approaches.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.