2011
DOI: 10.1145/1993316.1993540

Language-independent sandboxing of just-in-time compilation and self-modifying code

Abstract: When dealing with dynamic, untrusted content, such as on the Web, software behavior must be sandboxed, typically through use of a language like JavaScript. However, even for such specially-designed languages, it is difficult to ensure the safety of highly-optimized, dynamic language runtimes which, for efficiency, rely on advanced techniques such as Just-In-Time (JIT) compilation, large libraries of native-code support routines, and intricate mechanisms for multi-threading and garbage collection. Each new runtim…

Cited by 27 publications (39 citation statements)
References 38 publications
“…One top priority is to write a verifier (similar to [28]) to remove the compiler from the TCB. Another interesting improvement to our SFI is to support Just-In-Time (JIT) compilation and self-modifying code, which can be done in a way similar to [7]. This is important to support language runtimes for high-level programming languages, e.g., Java and JavaScript.…”
Section: Discussion (mentioning)
confidence: 99%
“…In our future work, we plan to address some of the challenges introduced when supporting applications that allow for just-in-time (JIT) compilation and run-time code relocation [35]. One possibility is to include page hash generation both in software as well as in the hardware root-of-trust as an enrollment process for pages with code modifications.…”
Section: Discussion (mentioning)
confidence: 99%
“…Thus, if at any instance during the execution of the process, a new executable page is allocated, the hardware monitor will flag an alarm alerting the kernel that the new page does not have any corresponding golden hash. Therefore, our proposed architecture currently limits the support of applications that allow for just-in-time (JIT) compilation and run-time code relocation [35].…”
Section: Dynamically-linked Libraries (mentioning)
confidence: 99%
“…However, like instruction set randomization, we are not aware of any research that shows the implications control flow integrity has on return-oriented programming. Ansel et al [4] optimized the execution of NOP padding in their extension to Native Client.…”
Section: Other Prevention Techniques (mentioning)
confidence: 99%