Adaptive Just-In-Time Code Diversification

5 years 7 months ago
Adaptive Just-In-Time Code Diversification
We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and to update the diversification frequently during the execution of the program. This way, we can significantly reduce the time frame in which attackers can let a program leak useful address space information and subsequently use the leaked information in memory exploits. A proof of concept implementation is evaluated, showing that even though code is recompiled frequently, we can achieved smaller overheads than the previous state of the art, which generated diversity only once during the whole execution of a program. Categories and Subject Descriptors D.3.4 [Programming Languages]: Processors—code generation, optimization;K.6.5[Management of Computing and Information Systems]: Security and Protection—unauthorized access General Terms Algorithms, Performance, Experimentation, Security. Keywords Recompilation, profiles, NOP insertion.
Abhinav Jangda, Mohit Mishra, Bjorn De Sutter
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Abhinav Jangda, Mohit Mishra, Bjorn De Sutter
Comments (0)