Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2006-08-01
2006-08-01
Song, Hosuk (Department: 2135)
Information security
Monitoring or scanning of software or data including attack...
C713S187000, C713S190000
Reexamination Certificate
active
07086088
ABSTRACT:
A method and system for preventing stack buffer overflow attacks in a computer system are disclosed. A computer system can prevent stack buffer overflow attacks by encrypting return addresses prior to pushing them onto the runtime stack. When an encrypted return address is popped off the runtime stack, the computer system decrypts the encrypted return address to determine the actual return address. A random encryption key can be used, which can be generated from the CPU's clock cycle counter. Multitasking environments can add a seed register to the task state so that each task can use a unique seed to encrypt the return addresses.
REFERENCES:
patent: 5881279 (1999-03-01), Lin et al.
patent: 6044220 (2000-03-01), Breternitz, Jr.
Immunix: Adaptive System Survivability, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 2 pages, Mar. 26, 2002.
The IA-32 Intel® Architecture Software Developer's Manual, vol. 3: System Programming Guide, printed from http://www.developer.intel.com/design/pentium4/manuals/245472.htm, 1 page, Apr. 17, 2002.
Immunix.org: The Source for Secure Linux Components and Platforms, printed from http://immunix.org/stackguard.html, 2 pages, Mar. 26, 2002.
StackGuard Mechanism: Stack Integrity Checking, printed from http://immunix.org/StackGuard/mechanism.html, 1 page, Mar. 26, 2002.
Aleph One, “BoS: Smashing The Stack For Fun And Profit”, printed from http://immunix.org/StackGuard/profit.html, 38 pages, Mar. 26, 2002.
Cowan, Crispin et al., “StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks”, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 15 pages.
Cowan Crispin et al., “Protecting Systems from Stack Smashing Attacks with StackGuard”, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 11 pages.
Cowan Crispin et al., “Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade”, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 11 pages, 1999.
Hinton Heather et al., “SAM: Security Adaptation Manager”, 10 pages.
Immunix.org: The Source for Secure Linux Components and Platforms, FormatGuard, printed from http://immunix.org/formatguard.html, 3 pages, Mar. 26, 2002.
Cowan Crispin et al., “FormatGuard: Automatic Protection From printf Format String Vulnerabilities”, WireX Communications, Inc., USENIX Security Symposium, Aug. 2001.
Banner & Witcoff , Ltd.
Nokia Inc.
Song Hosuk
LandOfFree
Preventing stack buffer overflow attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Preventing stack buffer overflow attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Preventing stack buffer overflow attacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3661117