Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-06-07
2011-06-07
Zand, Kambiz (Department: 2434)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S024000
Reexamination Certificate
active
07958558
ABSTRACT:
Mechanisms have been developed for securing computational systems against certain forms of attack. In particular, it has been discovered that, by maintaining and selectively propagating taint status for storage locations in correspondence with information flows of instructions executed by a computing system, it is possible to provide a security (or other appropriate) response if and when a control transfer (or other restricted use) is attempted based on tainted data. By employing aging in decisions to propagate, it is possible limit overheads associated with such tracking. In some embodiments, a decay oriented metric is applied and further propagation of taints is interrupted once aging reaches a predetermined decay threshold. In some embodiments, more generalized labels may be maintained and selectively propagated based on an aging metric. For example, in some embodiments, labels may be employed to code source designation or classification, aging, popularity/frequency of access or taint.
REFERENCES:
patent: 7490353 (2009-02-01), Kohavi
patent: 2004/0083202 (2004-04-01), Mu et al.
patent: 2005/0273854 (2005-12-01), Chess et al.
patent: 2006/0277604 (2006-12-01), Pandit et al.
patent: 2007/0250930 (2007-10-01), Aziz et al.
patent: 2007/0271617 (2007-11-01), Mitomo et al.
patent: 612363 (1979-07-01), None
Newsome (Newsome J., et al., “Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software,” School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, CMU-CS-05-169, Nov. 2005).
Po (Kai Yi Po, Determining Intrusion Activity for File-System Recovery, University of Toronto, 2005).
Ho (Ho et al., “Practical Taint-Based Protection using Demand Emulation”, EuroSys 06, Apr. 18-21, 2006, Leuven Belgium, ACM 2006).
Haldar (Vivek Haldar, “Deepak Chandra , Michael Franz, Dynamic Taint Propagation for Java”, Proceedings of the 21st Annual Computer Security Applications Conference, p. 303-311, Dec. 5-9, 2005).
Abadi M. et al., “Control-Flow Integrity,” Microsoft Technical Report MSR-TR-05-18, pp. 340-353, (Oct. 2005).
Garfinkel T. et al., “Terra: A Virtual Machine-Based Platform for Trusted Computing,” Copyright 2003 ACM, pp. 193-206, Oct. 19-22, 2003.
Kiriansky V. et al., “Secure Execution Via Program Shepherding,” Proceedings of the 11th USENIX Security Symposium (2002).
Suh G. E. et al., “Secure Program Execution via Dynamic Information Flow Tracking,” Proceedings of the 11th international Conference on Architectural Support for Programming Languages and Operating Systems (2004), pp. 85-96.
Chow J., et al., “Understanding Data Lifetime via Whole System Simulation,” Proceedings of the 13th USENIX Security Symposium, 17 pages (Aug. 2004).
Newsome J., et al., “Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software,” School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, CMU-CS-04-140, (Last updated Jul. 2005), pp. 1-38.
Newsome J., et al., “Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software,” School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, CMU-CS-05-169, (Last modified Nov. 2005), pp. 1-28.
Ho, Alex et al., “Practical Taint-Based Protection Using Demand Emulation” EuroSys '06, Apr. 18-21, 2006, Leuven, Belgium, ACM © 2006, 13 pages.
Leake Edward N.
Pike Geoffrey
Poltorak Peter
VMware, Inc.
Zand Kambiz
LandOfFree
Computational system including mechanisms for tracking... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computational system including mechanisms for tracking..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computational system including mechanisms for tracking... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2736650