Retrofitting XoM for Stripped Binaries without Embedded Data Relocation
Chenke Luo
Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Software Security: Code and Compiler
This talk introduces PXOM, a novel approach to implement **Execute-Only Memory (XOM)** for stripped binaries, aiming to significantly enhance defenses against advanced memory disclosure attacks like **Just-In-Time Return-Oriented Programming (JIT-ROP)**. Presented by Chenke Luo from Tsinghua University and Wuhan University, the research addresses a long-standing challenge in memory protection: how to enforce execute-only permissions on code pages without breaking legitimate program functionality due to embedded data. Traditional XOM implementations often struggle with the precise separation of code and data, leading to either crashes or security vulnerabilities.
AI review
Solid systems security research with a clear novel contribution: XOM enforcement on stripped binaries without data relocation, using unidirectional disassembly paired with kernel-enforced fine-grained read control. The 0.25% geometric mean overhead on SPEC 2017 is the kind of number that makes this deployable rather than academic, and the design decision to tolerate code-misidentified-as-data (rather than crash on it) shows genuine engineering maturity.