SG135173A1 - Method for preventing malicious software from execution within a computer system. - Google Patents

Method for preventing malicious software from execution within a computer system.

Info

Publication number
SG135173A1
SG135173A1 SG200701830-2A SG2007018302A SG135173A1 SG 135173 A1 SG135173 A1 SG 135173A1 SG 2007018302 A SG2007018302 A SG 2007018302A SG 135173 A1 SG135173 A1 SG 135173A1
Authority
SG
Singapore
Prior art keywords
computer system
execution
application program
instructions
permuted
Prior art date
Application number
SG200701830-2A
Inventor
David C Challener
Mark C Davis
Peter Hortensius
Rod D Waltermann
Original Assignee
Lenovo Singapore Pte Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/353,893 external-priority patent/US8694797B2/en
Priority claimed from US11/353,896 external-priority patent/US8041958B2/en
Application filed by Lenovo Singapore Pte Ltd filed Critical Lenovo Singapore Pte Ltd
Publication of SG135173A1 publication Critical patent/SG135173A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/561Virus type analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Devices For Executing Special Programs (AREA)
  • Storage Device Security (AREA)
  • Retry When Errors Occur (AREA)

Abstract

A method for preventing malicious software from execution within a computer system is disclosed. A permutation is performed on a subset of instructions within an application program to yield a permuted sequence of instructions before any actual execution of the application program on the computer system. A permutation sequence number-of the permuted sequence of instructions is stored in a permuted instruction pointer table. The permuted sequence of instructions is executed in an execution module that is capable of translating the permuted sequence of instructions to an actual machine code of a processor within the computer system according to the permutation sequence number of the permuted sequence of instructions stored in the permated, instruction pointer table. A method for preventing malicious software from execution within a computer system is disclosed. Before any actual execution of an application program on a computer system, the application program needs to be cross-compiled to yield a set of cross-compiled code of the application program. The set of cross- compiled code of the application program can then be executed in an execution module that is capable of recognizing and translating the set of cross- compiled code of the application program to the actual machine code of the processor.
SG200701830-2A 2006-02-14 2007-02-13 Method for preventing malicious software from execution within a computer system. SG135173A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/353,893 US8694797B2 (en) 2006-02-14 2006-02-14 Method for preventing malicious software from execution within a computer system
US11/353,896 US8041958B2 (en) 2006-02-14 2006-02-14 Method for preventing malicious software from execution within a computer system

Publications (1)

Publication Number Publication Date
SG135173A1 true SG135173A1 (en) 2007-09-28

Family

ID=37908644

Family Applications (1)

Application Number Title Priority Date Filing Date
SG200701830-2A SG135173A1 (en) 2006-02-14 2007-02-13 Method for preventing malicious software from execution within a computer system.

Country Status (5)

Country Link
JP (1) JP4575350B2 (en)
DE (1) DE102007005887B4 (en)
FR (1) FR2897452B1 (en)
GB (1) GB2436442B (en)
SG (1) SG135173A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016164520A1 (en) * 2015-04-07 2016-10-13 Kaprica Security, Inc. System and method of obfuscation through binary and memory diversity

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000056966A (en) * 1998-08-07 2000-02-25 Nippon Telegr & Teleph Corp <Ntt> Micro processor system, and micro processor operation analysis preventing method
JP4042280B2 (en) * 1999-12-21 2008-02-06 富士ゼロックス株式会社 Execution program generation method and execution program generation apparatus, execution program execution method, and computer-readable program storage medium
US6507904B1 (en) * 2000-03-31 2003-01-14 Intel Corporation Executing isolated mode instructions in a secure system running in privilege rings
FR2841997B1 (en) * 2002-07-08 2005-11-11 Gemplus Card Int SECURING APPLICATION DOWNLOADED IN PARTICULAR IN A CHIP CARD
JP4568489B2 (en) * 2003-09-11 2010-10-27 富士通株式会社 Program protection method, program protection program, and program protection apparatus
US7363620B2 (en) 2003-09-25 2008-04-22 Sun Microsystems, Inc. Non-linear execution of application program instructions for application program obfuscation
US7424620B2 (en) 2003-09-25 2008-09-09 Sun Microsystems, Inc. Interleaved data and instruction streams for application program obfuscation
US7493483B2 (en) 2004-02-19 2009-02-17 International Business Machines Corporation Method to prevent vulnerability to virus and worm attacks through instruction remapping

Also Published As

Publication number Publication date
GB2436442A (en) 2007-09-26
IE20070090A1 (en) 2007-09-19
JP4575350B2 (en) 2010-11-04
DE102007005887A1 (en) 2007-08-30
FR2897452B1 (en) 2016-12-09
DE102007005887B4 (en) 2019-06-13
IE20080383A1 (en) 2008-08-20
GB2436442B (en) 2008-04-16
FR2897452A1 (en) 2007-08-17
GB0702890D0 (en) 2007-03-28
JP2007220091A (en) 2007-08-30

Similar Documents

Publication Publication Date Title
WO2008067357A3 (en) System for overriding bytecode, which should be interpreted, with native code, which can be directly executed
DE602006008166D1 (en) Concealment of computer program codes
GB2509438A (en) Compiling code for enhanced application binary interface (abi) with decode time instruction optimization
WO2008074382A8 (en) Obfuscating computer program code
TW200701059A (en) Data access and permute unit
GB2442495B (en) Method and apparatus for handling dynamically linked function cells with respect to program code conversion
WO2014071242A3 (en) Cross-platform data visualizations using a generic graph description
MY154086A (en) Data processing apparatus and method
EP2677424A3 (en) OpenCL compilation
WO2009134927A3 (en) Business software application system and method
MY158864A (en) Decoding Instructions from Multiple Instruction Sets
WO2006085639A3 (en) Methods and apparatus for instruction set emulation
CN103413074B (en) A kind of method and apparatus being realized software protection by API
CN105718765A (en) Method for achieving code obfuscation through finite automaton
WO2014082422A1 (en) Method and device for code change detection
Møller Technical perspective: WebAssembly: A quiet revolution of the Web
TW200615797A (en) Computer-working-environment apparatus
GB201205560D0 (en) Location text
GB2488941A (en) Concurrent execution of request processing and analytics of requests
WO2018176814A1 (en) Personalized component implementation method and device
TW200717312A (en) Dma chain
BR102013015403A8 (en) DATA RELIABILITY PROCESS ON A COMPUTER, THE OWN COMPUTER TO PROVIDE OUTPUT DATA, COMMUNICATION SET THAT SUPPORTS SUCH COMPUTER, AND RAILWAY MANAGEMENT SYSTEM THAT COMPRISES SUCH SET
CN104516726A (en) Instruction processing method and device
TW200709041A (en) Computer system or processor with method of performing a shadow register operation
SG135173A1 (en) Method for preventing malicious software from execution within a computer system.