Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2003-12-18
2009-10-13
Moazzami, Nasser G (Department: 2436)
Information security
Monitoring or scanning of software or data including attack...
C726S023000
Reexamination Certificate
active
07603704
ABSTRACT:
Hijacking of an application is prevented by monitoring control flow transfers during program execution in order to enforce a security policy. At least three basic techniques are used. The first technique, Restricted Code Origins (RCO), can restrict execution privileges on the basis of the origins of instruction executed. This distinction can ensure that malicious code masquerading as data is never executed, thwarting a large class of security attacks. The second technique, Restricted Control Transfers (RCT), can restrict control transfers based on instruction type, source, and target. The third technique, Un-Circumventable Sandboxing (UCS), guarantees that sandboxing checks around any program operation will never be bypassed.
REFERENCES:
patent: 5193180 (1993-03-01), Hastings
patent: 5974549 (1999-10-01), Golan
patent: 6185669 (2001-02-01), Hsu
patent: 6189141 (2001-02-01), Benitez
patent: 6199202 (2001-03-01), Coutant
patent: 6205545 (2001-03-01), Shah
patent: 6219832 (2001-04-01), Buzbee
patent: 6223339 (2001-04-01), Shah
patent: 6237065 (2001-05-01), Banerjia et al.
patent: 6243668 (2001-06-01), Le
patent: 6247172 (2001-06-01), Dunn
patent: 6255744 (2001-07-01), Shih
patent: 6275938 (2001-08-01), Bond et al.
patent: 6275981 (2001-08-01), Buzbee
patent: 6279081 (2001-08-01), Spencer
patent: 6295644 (2001-09-01), Hsu
patent: 6301699 (2001-10-01), Hollander et al.
patent: 6314560 (2001-11-01), Dunn
patent: 6317870 (2001-11-01), Mattson, Jr.
patent: 6327704 (2001-12-01), Mattson, Jr.
patent: 6351844 (2002-02-01), Bala
patent: 6374331 (2002-04-01), Janakiraman
patent: 6377287 (2002-04-01), Hao
patent: 6378029 (2002-04-01), Venkitakrishnan
patent: 6412071 (2002-06-01), Hollander et al.
patent: 6418530 (2002-07-01), Hsu
patent: 6430675 (2002-08-01), Hsu
patent: 6430741 (2002-08-01), Mattson, Jr.
patent: 6453411 (2002-09-01), Hsu
patent: 6470492 (2002-10-01), Bala et al.
patent: 6587888 (2003-07-01), Chieu et al.
patent: 6823460 (2004-11-01), Hollander et al.
patent: 6983463 (2006-01-01), Hunt
patent: 7013456 (2006-03-01), Van Dyke et al.
patent: 7124407 (2006-10-01), Wallman
patent: 7213153 (2007-05-01), Hollander
patent: 2003/0140245 (2003-07-01), Dahan et al.
Baratloo, et al., “Transparent Run-Time Defense Against Stack Smashing Attacks,” Proceedings of the Usenix Annual Technical Conference, Jun. 2000.
Bruening, et al., “Design and Implementation of a Dymanic Optimization Framework for Windows,” 4th Workshop on Feedback-Directed and Dymamic Optimization, Austin, Texas, Dec. 1, 2001.
Cowan, et al., “StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks,” In Proc. 7th Usenix Security Symposium, pp. 63-78, San Antonio, Texas, Jan. 1998.
Erlingsson, et al., “Sasi Enforcement of Security Policies: A Retrospective”, Proc. of the New Security Paradigms Workshop, Ontario, Canada, 22-24, Sep. 1999.
Frantzen, et al., “StackGhost: Hardware Facilitated Stack Protection,” In Proc. 10th Usenix Security Symposium, Washington, DC, Aug. 2001.
Ko, et al., “Detecting and Countering System Intrusions Using Software Wrappers,” In Proc. 9th Usenix Security Symposium, Denver, Colorado, Aug. 2000.
Schneider, “Enforceable Security Policies,” ACM Transactions on Information and System Security, vol. 3. No. 1, pp. 30-50, Feb. 2000.
Scott, et al., “Strata: A Software Dynamic Translation Infrastructure,” Workshop on Binary Translation Infrastructure, Sep. 8, 2001.
Wagner, et al., “Intrusion Detection via Static Analysis,” In IEEE Symposium on Security and Privacy, 2001.
Bala, et al., “Dynamo: A Transparent Dynamic Optimization System,” Proc. of the ACM Sigplan Conf., PLDI, Jun. 2000.
Chen, et al., “Mojo: A Dynamic Optimization System,” In 3rd ACM Workshop on Feedback-Directed and Dynamic Optimization, Dec. 2000.
Cmelik, et al., “Shade: A Fast Instruction-Set Simulator for Execution Profiling,” Sigmetrics, 1994.
Hastings, et al., “Purify: Fast Detection of Memory Leaks and Access Errors,” Proceedings of the Winter Usenix Conference, pp. 125-136, Jan. 1992.
Hollingsworth, et al., “Dynamic Program Instrumentation for Scalable Performance Tools,” Scalable High Performance Computing Confernce, Knoxville, May 1994.
Larus, et al., “Rewriting Executable Files to Measure Program Behavior,” Software Practice and Experience, vol. 24(2), pp. 197-218, Mar. 25, 1992.
Ung, et al., “Machine-Adaptable Dynamic Binary Translation,” Proc. of the ACM Sigplan Workshop on Dynamic and Adaptive Compilation and Optimization, Jan. 2000.
Das, “Unification-based Pointer Analysis with Directional Assignments,” In Proc ACM Sigplan Conf on Programming Language Design and Implementation, Vancouver, BC, Canada, Jun. 2000.
Kiriansky, et al., “Secure Execution Via Program Shepherding,” Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, MA, no date.
U.S. Appl. No. 09/874,170, filed Jun. 4, 2001, Vasanth Bala.
U.S. Appl. No. 09/924,260, filed Aug. 8, 2001, Duesterwald.
U.S. Appl. No. 09/989,180, filed Nov. 21, 2001, Duesterwald.
U.S. Appl. No. 09/992,642, Nov. 13, 2001, Freudenberger.
U.S. Appl. No. 09/995,774, filed Nov. 29, 2001, Desoli.
U.S. Appl. No. 09/995,775, filed Nov. 29, 2001, Duesterwald.
U.S. Appl. No. 09/997,062, filed Nov. 29, 2001, Duesterwald.
U.S. Appl. No. 09/997,163, filed Nov. 29, 2001, Desoli.
U.S. Appl. No. 09/997,454, filed Nov. 29, 2001, Mateev.
U.S. Appl. No. 09/999,451, filed Nov. 15, 2001, Desoli.
U.S. Appl. No. 10/100,874, filed Mar. 19, 2002, Desoli.
U.S. Appl. No. 10/104,084, filed Mar. 22, 2002, Desoli.
U.S. Appl. No. 10/118,881, filed Apr. 9, 2002, Deusterwald.
U.S. Appl. No. 10/126,647, filed Apr. 19, 2002, Fisher.
U.S. Appl. No. 10/198,839, filed Jul. 19, 2002, Desoli.
U.S. Appl. No. 10/212,275, filed Aug. 5, 2002, Desoli.
Kiriansky et al., “Secure Execution Via Program Shepherding,” Proc. of the 11th Usenix Security Symp., Aug. 5-9, 2002.
Intel Pentium 4 and Intel Xeon Processor Optimization—Reference Manual, Intel Corporation, 1999-2001.
Document titled “pageexec00old,” http://pax.grsecurity.net/docs/pageexec.old.txt, Nov. 2000.
Document titled “pax01pageexec,” http://pax.grsecurity.net/docs/pageexec.txt, Mar. 15, 2003.
Document titled “zenith01Ipd,” www.securityfocus.com/bid/3103/discuss, Jul. 26, 2001.
“A ‘stack smashing’ technique protection tool for Linux,” vendicator-stackshield-info, http://angelfire.com/sk/stackshield/ info.html, Jan. 2000.
“Defeating Solar Designer's Non-executable Stack Patch,” www.securityfocus.com/archive/1/8470, Jan. 30, 1998.
Newsham, “Format String Attacks,” Guardent, Inc, Sep. 2000.
“Linux kernel patch from the Openwall Project,” www.openwall.com/linux/readme.shtml, Oct. 9, 2001.
“Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification, Version 1.2,” TIS Committee, May 1995.
Aleph One, “Smashing The Stack for Fun and Profit,” aleph96p49-14, Phrack Magazine, 1996.
Nergal, “The advanced return into lib(c) exploits: PAX case study,” nerga101p58-0x04, Phrack Magazine, www.phrack. org, Issue 58(4), Dec. 2001.
Kaempf, “Vudo-An Object Superstitiously Believed to Embody Magical Powers,” kaempf01p57-0x08, Phrack Magazine, 2001.
Bulba et al., “Bypassing Stackguard and Stackshield,” Phrack Magazine, vol. 10, Issue 56, May 1, 2000.
Deaver et al., “Wiggins/Redstone: An On-line Program Specializer,” www.hotchips.org/archives/hc11/3—Tue/hc99.s6.2.Deaver.pdf, 1999.
Ko et al., “Detecting and Countering System Intrusions Using Software Wrappers,” Proc. of the 9th Usenix Security Symp., Aug. 14-17, 2000.
Chen et al. “Mojo: A Dynamic Optimization System,” 4th ACM Workshop on feedback-directed and dynamic optimization
Amarasinghe Saman P.
Bruening Derek L.
Kiriansky Vladimir L.
Johnson Carlton V
Massachusetts Institute of Technology
Moazzami Nasser G
LandOfFree
Secure execution of a computer program using a code cache does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure execution of a computer program using a code cache, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure execution of a computer program using a code cache will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4075104