{"id":"https://openalex.org/W2609787042","doi":"https://doi.org/10.1109/pst.2016.7906978","title":"libmask: Protecting browser JIT engines from the devil in the constants","display_name":"libmask: Protecting browser JIT engines from the devil in the constants","publication_year":2016,"publication_date":"2016-12-01","ids":{"openalex":"https://openalex.org/W2609787042","doi":"https://doi.org/10.1109/pst.2016.7906978","mag":"2609787042"},"language":"en","primary_location":{"id":"doi:10.1109/pst.2016.7906978","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst.2016.7906978","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 14th Annual Conference on Privacy, Security and Trust (PST)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5067698468","display_name":"Abhinav Abhinav","orcid":null},"institutions":[{"id":"https://openalex.org/I68891433","display_name":"Indian Institute of Technology Delhi","ror":"https://ror.org/049tgcd06","country_code":"IN","type":"education","lineage":["https://openalex.org/I68891433"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Abhinav","raw_affiliation_strings":["Indian Institute of Technology Delhi, New Delhi, Delhi, IN"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology Delhi, New Delhi, Delhi, IN","institution_ids":["https://openalex.org/I68891433"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102930908","display_name":"Mohit Mishra","orcid":"https://orcid.org/0000-0002-6111-3565"},"institutions":[{"id":"https://openalex.org/I68891433","display_name":"Indian Institute of Technology Delhi","ror":"https://ror.org/049tgcd06","country_code":"IN","type":"education","lineage":["https://openalex.org/I68891433"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Mohit Mishra","raw_affiliation_strings":["Indian Institute of Technology Delhi, New Delhi, Delhi, IN"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology Delhi, New Delhi, Delhi, IN","institution_ids":["https://openalex.org/I68891433"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5086536054","display_name":"Beno\u00eet Baudry","orcid":"https://orcid.org/0000-0002-4015-4640"},"institutions":[{"id":"https://openalex.org/I4210133778","display_name":"Inria Rennes - Bretagne Atlantique Research Centre","ror":"https://ror.org/04040yw90","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283","https://openalex.org/I4210133778"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Benoit Baudry","raw_affiliation_strings":["Inria Centre de Recherche Rennes Bretagne Atlantique, Rennes, Bretagne, FR"],"affiliations":[{"raw_affiliation_string":"Inria Centre de Recherche Rennes Bretagne Atlantique, Rennes, Bretagne, FR","institution_ids":["https://openalex.org/I4210133778"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5067698468"],"corresponding_institution_ids":["https://openalex.org/I68891433"],"apc_list":null,"apc_paid":null,"fwci":0.56375376,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.88108687,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"301","last_page":"308"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10054","display_name":"Parallel Computing and Optimization Techniques","score":0.992900013923645,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8044099807739258},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.6946122646331787},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.6896006464958191},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.6681925654411316},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.5573133826255798},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5448735356330872},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.49268513917922974},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.40791141986846924},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.35316717624664307}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8044099807739258},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.6946122646331787},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.6896006464958191},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.6681925654411316},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.5573133826255798},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5448735356330872},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.49268513917922974},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.40791141986846924},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.35316717624664307}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pst.2016.7906978","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst.2016.7906978","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 14th Annual Conference on Privacy, Security and Trust (PST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W99657086","https://openalex.org/W164984320","https://openalex.org/W1514171102","https://openalex.org/W1978174330","https://openalex.org/W2009801020","https://openalex.org/W2012578421","https://openalex.org/W2086277109","https://openalex.org/W2098010707","https://openalex.org/W2111817346","https://openalex.org/W2111927651","https://openalex.org/W2130366328","https://openalex.org/W2132806808","https://openalex.org/W2134633067","https://openalex.org/W2138517425","https://openalex.org/W2149230355","https://openalex.org/W2161992906","https://openalex.org/W2168843528","https://openalex.org/W4239813889","https://openalex.org/W4243006798","https://openalex.org/W4250948891","https://openalex.org/W6679080483"],"related_works":["https://openalex.org/W2350278424","https://openalex.org/W2071432835","https://openalex.org/W4239401009","https://openalex.org/W4234371507","https://openalex.org/W1628824497","https://openalex.org/W4299534542","https://openalex.org/W2357088637","https://openalex.org/W2759596553","https://openalex.org/W4247806713","https://openalex.org/W4378700020"],"abstract_inverted_index":{"JavaScript":[0,8],"(JS)":[1],"engines":[2,11],"are":[3,135],"virtual":[4],"machines":[5],"that":[6,160,172],"execute":[7],"code.":[9],"These":[10],"find":[12],"frequent":[13],"application":[14],"in":[15,45,64,178,203,239],"web":[16],"browsers":[17],"like":[18,54],"Google":[19,154,240],"Chrome,":[20],"Mozilla":[21],"Firefox,":[22],"Microsoft":[23],"Internet":[24],"Explorer":[25],"and":[26,49,100,126,147,164,181,188],"Apple":[27],"Safari.":[28],"Since,":[29],"the":[30,82,102,140,176,184,206],"purpose":[31],"of":[32,124],"a":[33,46,76,119,150,167,229],"JS":[34],"engine":[35,157],"is":[36,50,115,197,209,222],"to":[37,52,80,89,117,137,153],"produce":[38],"executable":[39],"code,":[40,180],"it":[41],"cannot":[42],"be":[43],"run":[44],"non-executable":[47],"environment,":[48],"susceptible":[51],"attacks":[53,84],"Just-in-Time":[55],"(JIT)":[56],"Spraying,":[57],"which":[58],"embed":[59],"return-oriented":[60],"programming":[61],"(ROP)":[62],"gadgets":[63],"arithmetic":[65,125],"or":[66],"logical":[67,127],"instructions":[68,128],"as":[69,85,109,149],"immediate":[70],"offsets.":[71],"This":[72],"paper":[73],"introduces":[74],"libmask,":[75],"JIT":[77],"compiler":[78],"extension":[79,152],"prevent":[81],"JIT-spraying":[83],"an":[86],"effective":[87],"alternative":[88],"XOR":[90],"based":[91],"constant":[92,114,236],"blinding.":[93],"libmask":[94,166,173],"transforms":[95],"constants":[96,177],"into":[97],"global":[98,107],"variables":[99,108],"marks":[101],"memory":[103,120,133,196,207],"area":[104],"for":[105,186],"these":[106,132],"read":[110],"only.":[111],"Hence,":[112],"any":[113],"referred":[116],"by":[118],"address":[121],"making":[122],"exploitation":[123],"more":[129],"difficult.":[130],"Further,":[131,224],"addresses":[134],"randomized":[136],"further":[138],"harden":[139],"security.":[141],"The":[142,191,214],"scheme":[143],"has":[144],"been":[145],"implemented":[146],"evaluated":[148],"librddy":[151],"V8":[155],"scripting":[156],"with":[158,219],"optimizations":[159,220],"contain":[161],"performance":[162,216,231],"overhead":[163,193,208,217],"make":[165],"feasible":[168],"approach.":[169],"We":[170],"demonstrate":[171],"masks":[174],"all":[175],"JITed":[179],"effectively":[182],"raise":[183],"bar":[185],"JIT-spray":[187],"JITROP":[189],"attacks.":[190],"average":[192,215],"incurred":[194],"upon":[195],"less":[198,210],"than":[199,211],"300":[200],"kilobytes,":[201],"while":[202],"most":[204],"benchmarks":[205],"10":[212],"KB.":[213],"observed":[218],"measures":[221],"5.31%.":[223],"this":[225],"new":[226],"approach":[227],"shows":[228],"modest":[230],"improvement":[232],"over":[233],"currently":[234],"deployed":[235],"blinding":[237],"technique":[238],"V8.":[241]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}