Detile: Fine-Grained Information Leak Detection in Script Engines

by   Robert Gawlik, et al.

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to detect return-oriented programming require memory disclosure attacks as a fundamental first step. However, research lags behind in detecting such information leaks. In this paper, we tackle this problem and present a system for fine-grained, automated detection of memory disclosure attacks against scripting engines. The basic insight is as follows: scripting languages, such as JavaScript in web browsers, are strictly sandboxed. They must not provide any insights about the memory layout in their contexts. In fact, any such information potentially represents an ongoing memory disclosure attack. Hence, to detect information leaks, our system creates a clone of the scripting engine process with a re-randomized memory layout. The clone is instrumented to be synchronized with the original process. Any inconsistency in the script contexts of both processes appears when a memory disclosure was conducted to leak information about the memory layout. Based on this detection approach, we have designed and implemented Detile (detection of information leaks), a prototype for the JavaScript engine in Microsoft's Internet Explorer 10/11 on Windows 8.0/8.1. An empirical evaluation shows that our tool can successfully detect memory disclosure attacks even against this proprietary software.


page 1

page 2

page 3

page 4


Document Layout Analysis with Aesthetic-Guided Image Augmentation

Document layout analysis (DLA) plays an important role in information ex...

Shakedown: compiler-based moving target protection for Return Oriented Programing attacks on an industrial IoT device

Cybercriminals use Return Oriented Programming techniques to attack syst...

Static Detection of Uninitialized Stack Variables in Binary Code

More than two decades after the first stack smashing attacks, memory cor...

Intertwining ROP Gadgets and Opaque Predicates for Robust Obfuscation

Software obfuscation plays a crucial role in protecting intellectual pro...

Proconda – Protected Control Data

Memory corruption vulnerabilities often enable attackers to take control...

Exploitation Techniques and Defenses for Data-Oriented Attacks

Data-oriented attacks manipulate non-control data to alter a program's b...

TaintAssembly: Taint-Based Information Flow Control Tracking for WebAssembly

WebAssembly (wasm) has recently emerged as a promisingly portable, size-...

Please sign up or login with your details

Forgot password? Click here to reset