Bubble: a Javascript engine level countermeasure against heap-spraying attacks

Gadaleta, Francesco; Younan, Yves; Joosen, Wouter; Massacci, Fabio; Wallach, Dan; Zannone, Nicola

doi:10.1007/978-3-642-11747-3_1

Request a copy

Paper published in a book (Scientific congresses and symposiums)

Bubble: a Javascript engine level countermeasure against heap-spraying attacks

Gadaleta, Francesco; Younan, Yves; Joosen, Wouter et al.

2010 • In Bubble: a Javascript engine level countermeasure against heap-spraying attacks

Peer reviewed

Permalink
https://hdl.handle.net/2268/172372

DOI
10.1007/978-3-642-11747-3_1

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

fulltext.pdf

Publisher postprint (422.5 kB)

Request a copy

All documents in ORBi are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Disciplines :

Computer science

Author, co-author :

Gadaleta, Francesco ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Bioinformatique

Younan, Yves

Joosen, Wouter

Massacci, Fabio

Wallach, Dan

Zannone, Nicola

Language :

English

Title :

Bubble: a Javascript engine level countermeasure against heap-spraying attacks

Publication date :

2010

Event name :

ESSoS, Pisa, 3-4 February 2010

Event date :

4-2-2010

Audience :

International

Main work title :

Bubble: a Javascript engine level countermeasure against heap-spraying attacks

Publisher :

Springer Berlin
Heidelberg

Peer reviewed :

Peer reviewed

Additional URL :

http://lirias.kuleuven.be/handle/123456789/265421

Available on ORBi :

since 28 September 2014

Statistics

Number of views

62 (1 by ULiège)

Number of downloads

0 (0 by ULiège)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations

OpenAlex citations

Bibliography

Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, Alexandria, Virginia, U.S.A., November 2005, pp. 340-353. ACM, New York (2005)
Anisimov, A.: Defeating microsoft windows xp sp2 heap protection and dep bypass, http://www.ptsecurity.com
Barrantes, E.G., Ackley, D.H., Forrest, S., Palmer, T.S., Stefanović, D., Zovi, D.D.: Randomized instruction set emulation to disrupt binary code injection attacks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS2003), Washington, D.C., U.S.A., October 2003, pp. 281-289. ACM, New York (2003)
Berry-Bryne, S.: Firefox 3.5 heap spray exploit (2009), http://www.milw0rm.com/exploits/9181
Bhatkar, S., Duvarney, D.C., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, Washington, D.C., U.S.A., August 2003, pp. 105-120. USENIX Association (2003)
Bhatkar, S., Sekar, R.: Data space randomization. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 1-22. Springer, Heidelberg (2008)
Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient techniques for comprehensive protection from memory error exploits. In: 14th USENIX Security Symposium, Baltimore, MD, August 2005, USENIX Association (2005)
Blog, M.A.L.: New backdoor attacks using pdf documents (2009), http://www.avertlabs.com/research/blog/index.php/2009/02/19/new-backdoor- attacks-using-pdf-documents/
Futuremark Corporation. Peacekeeper The Browser Benchmark, http://service.futuremark.com/peacekeeper/
Cowan, C., Beattie, S., Johansen, J., Wagle, P.: PointGuard: protecting pointers from buffer overflow vulnerabilities. In: Proceedings of the 12th USENIX Security Symposium, Washington, D.C., U.S.A., August 2003, pp. 91-104. USENIX Association (2003)
Daniel, M., Honoroff, J., Miller, C.: Engineering heap overflow exploits with javascript. In: WOOT 2008: Proceedings of the 2nd conference on USENIX Workshop on offensive technologies, Berkeley, CA, USA, pp. 1-6. USENIX Association (2008)
Egele, M., Wurzinger, P., Kruegel, C., Kirda, E.: Defending browsers against drive-by downloads: mitigating heap-spraying code injection attacks. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol. 5587, pp. 88-106. Springer, Heidelberg (2009)
Erlingsson, Ú.: Low-level software security: Attacks and defenses. Technical Report MSRTR-2007-153, Microsoft Research (November 2007)
Etoh, H., Yoda, K.: Protecting from stack-smashing attacks. Technical report, IBM Research Divison, Tokyo Research Laboratory (June 2000)
Mozilla Foundation. Firefox 3.5b4 (2009), http://developer.mozilla.org
Google. V8 Benchmark Suite - version 5, http://v8.googlecode.com
Intel. Intel architecture software developer's manual. vol. 2: Instruction set reference (2002)
E. C. M. A. International. ECMA-262: ECMAScript Language Specification. ECMA (European Association for Standardizing Information and Communication Systems), 3rd edn., Geneva, Switzerland (December 1999)
Jorendorff: Anatomy of a javascript object (2008), http://blog.mozilla. com/jorendorff/2008/11/17/ anatomy-of-a-javascript-object
Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure execution via program shepherding. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, California, U.S.A., August 2002, USENIX Association (2002)
Krennmair, A.: ContraPolice: a libc extension for protecting applications from heap-smashing attacks (November 2003)
FireEye Malware Intelligence Lab. Heap spraying with actionscript (2009), http://blog.fireeye.com/research/2009/07/actionscript-heap-spray.html
Ratanaworabhan, P., Livshits, B., Zorn, B.: Nozzle: A defense against heap-spraying code injection attacks. Technical report, Microsoft Research (November 2008)
Robertson, W., Kruegel, C., Mutz, D., Valeur, F.: Run-time detection of heap-based overflows. In: Proceedings of the 17th Large Installation Systems Administrators Conference, San Diego, California, U.S.A., October 2003, pp. 51-60. USENIX Association (2003)
securiteam.com. Heap spraying: Exploiting internet explorer vml 0-day xp sp2 (2009), http://blogs.securiteam.com/index.php/archives/641
Securitylab. Adobe reader 0-day critical vulnerability exploited in the wild, cve-2009-0658 (2009), http://en.securitylab.ru/nvd/368655.php
skypher.com. Heap spraying (2007), http://skypher.com/wiki/index.php
Sotirov, A.: Heap feng shui in javascript (2007)
TMS. Data execution prevention, http://technet.microsoft.com/en-us/ library/cc738483.aspx
Wagle, P., Cowan, C.: Stackguard: Simple stack smash protection for gcc. In: Proceedings of the GCC Developers Summit, Ottawa, Ontario, Canada, May 2003, pp. 243-256 (2003)
www2.webkit.org Sunspider javascript benchmark (2009), http://www2.webkit.org/perf/sunspider-0.9/sunspider.html
www.milw0rm.com Safari (arguments) array integer overflow poc (new heap spray) (2009), http://www.milw0rm.com/exploits/7673
www.packetstormsecurity.org 25bytes-execve (2009), http://www. packetstormsecurity.org/shellcode/25bytes-execve.txt
Xu, J., Kalbarczyk, Z., Iyer, R.K.: Transparent runtime randomization for security. In: 22nd International Symposium on Reliable Distributed Systems (SRDS 2003), Florence, Italy, October 2003, pp. 260-269. IEEE Computer Society, IEEE Press, Los Alamitos (2003)
Younan, Y., Joosen, W., Piessens, F.: Code injection in C and C++: A survey of vulnerabilities and countermeasures. Technical report, Departement Computerwetenschappen, Katholieke Universiteit Leuven (2004)
Younan, Y., Joosen, W., Piessens, F.: Efficient protection against heap-based buffer overflows without resorting to magic. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 379-398. Springer, Heidelberg (2006)
Younan, Y., Pozza, D., Piessens, F., Joosen, W.: Extended protection against stack smashing attacks without performance loss. In: Proceedings of the Twenty-Second Annual Computer Security Applications Conference (ACSAC 2006), pp. 429-438. IEEE Press, Los Alamitos (2006)