Skip to Main content Skip to Navigation
Conference papers

JITDefender: A Defense against JIT Spraying Attacks

Abstract : JIT spraying is a new code-reuse technique to attack virtual machines based on JIT (Just-in-time) compilation. It has proven to be capable of circumventing the defenses such as data execution prevention (DEP) and address space layout randomization(ASLR), which are effective for preventing the traditional code injection attacks. In this paper, we describe JITDefender, an enhancement of standard JIT-based VMs, which can prevent the attacker from executing arbitrary JIT compiled code on the VM. Thereby JITDefender can block JIT spraying attacks. We prove the effectiveness of JITDefender by demonstrating that it can successfully prevent existing JIT spraying exploits. JITDefender reports no false positives when run over benign actionscript/javascript programs. In addition, we show that the performance overhead of JITDefender is low.
Document type :
Conference papers
Complete list of metadata

Cited literature [18 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, July 24, 2017 - 10:40:19 AM
Last modification on : Monday, July 24, 2017 - 10:42:15 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Ping Chen, Yi Fang, Bing Mao, Li Xie. JITDefender: A Defense against JIT Spraying Attacks. 26th International Information Security Conference (SEC), Jun 2011, Lucerne, Switzerland. pp.142-153, ⟨10.1007/978-3-642-21424-0_12⟩. ⟨hal-01567598⟩



Record views


Files downloads