BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks
نویسندگان
چکیده
Web browsers that support a safe language such as Javascript are becoming a platform of great interest for security attacks. One such attack is a heap-spraying attack: a new kind of attack that combines the notoriously hard to reliably exploit heap-based buffer overflow with the use of an in-browser scripting language for improved reliability. A typical heap-spraying attack allocates a high number of objects containing the attacker’s code on the heap, dramatically increasing the probability that the contents of one of these objects is executed. In this paper we present a lightweight approach that makes heap-spraying attacks in Javascript significantly harder. Our prototype, which is implemented in Firefox, has a negligible performance and memory overhead while effectively protecting against heap-spraying attacks.
منابع مشابه
Detection of Heap-Spraying Attacks Using String Trace Graph
Heap-spraying is an attack technique that exploits memory corruptions in web browsers. A realtime detection of heap-spraying is difficult because of dynamic nature of JavaScript and monitoring overheads. In this paper, we propose a runtime detector of heap-spraying attacks in web browsers. We build a string trace graph by tracing all string objects and string operations in JavaScript. The graph...
متن کاملNOZZLE: A Defense Against Heap-spraying Code Injection Attacks
Heap spraying is a security attack that increases the exploitability of memory corruption errors in type-unsafe applications. In a heap-spraying attack, an attacker coerces an application to allocate many objects containing malicious code in the heap, increasing the success rate of an exploit that jumps to a location within the heap. Because heap layout randomization necessitates new forms of a...
متن کاملDefending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks
Drive-by download attacks are among the most common methods for spreading malware today. These attacks typically exploit memory corruption vulnerabilities in web browsers and browser plug-ins to execute shellcode, and in consequence, gain control of a victim’s computer. Compromised machines are then used to carry out various malicious activities, such as joining botnets, sending spam emails, or...
متن کاملThreshold Implementation as a Countermeasure against Power Analysis Attacks
One of the usual ways to find sensitive data or secret parameters of cryptographic devices is to use their physical leakages. Power analysis is one of the attacks which lay in such a model. In comparison with other types of side-channels, power analysis is so efficient and has a high success rate. So it is important to provide a countermeasure against it. Different types of countermeasures use ...
متن کاملA Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations
JIT spraying allows an attacker to subvert a JustIn-Time compiler, introducing instruction sequences useful to the attacker into executable regions of the victim program’s address space as a side effect of compiling seemingly innocuous code in a safe language like JavaScript. We present new JIT spraying attacks against Google’s V8 and Mozilla’s SpiderMonkey JavaScript engines on ARM. The V8 att...
متن کامل