CN109478217B - 使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测 - Google Patents

使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测 Download PDF

Info

Publication number
CN109478217B
CN109478217B CN201780045936.8A CN201780045936A CN109478217B CN 109478217 B CN109478217 B CN 109478217B CN 201780045936 A CN201780045936 A CN 201780045936A CN 109478217 B CN109478217 B CN 109478217B
Authority
CN
China
Prior art keywords
application
virtual address
mapping table
address mapping
binary
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201780045936.8A
Other languages
English (en)
Chinese (zh)
Other versions
CN109478217A (zh
Inventor
S·K·德
S·S·乔治
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN109478217A publication Critical patent/CN109478217A/zh
Application granted granted Critical
Publication of CN109478217B publication Critical patent/CN109478217B/zh
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/12Replacement control
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/3604Analysis of software for verifying properties of programs
    • G06F11/3612Analysis of software for verifying properties of programs by runtime analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Quality & Reliability (AREA)
  • Storage Device Security (AREA)
  • Devices For Executing Special Programs (AREA)
  • Debugging And Monitoring (AREA)
  • Stored Programmes (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Executing Machine-Instructions (AREA)
CN201780045936.8A 2016-07-29 2017-06-30 使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测 Expired - Fee Related CN109478217B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201662368223P 2016-07-29 2016-07-29
US62/368,223 2016-07-29
US15/465,515 US10360383B2 (en) 2016-07-29 2017-03-21 Kernel-based detection of target application functionality using offset-based virtual address mapping
US15/465,515 2017-03-21
PCT/US2017/040502 WO2018022257A1 (en) 2016-07-29 2017-06-30 Kernel-based detection of target application functionality using offset-based virtual address mapping

Publications (2)

Publication Number Publication Date
CN109478217A CN109478217A (zh) 2019-03-15
CN109478217B true CN109478217B (zh) 2021-12-28

Family

ID=61009931

Family Applications (3)

Application Number Title Priority Date Filing Date
CN201780045936.8A Expired - Fee Related CN109478217B (zh) 2016-07-29 2017-06-30 使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测
CN201780046239.4A Pending CN109564608A (zh) 2016-07-29 2017-06-30 对用于应用二进制代码的经更新的版本的目标应用功能的虚拟存储器地址进行更新
CN201780045934.9A Active CN109643343B (zh) 2016-07-29 2017-06-30 使用虚拟地址映射对目标应用功能的基于内核的检测

Family Applications After (2)

Application Number Title Priority Date Filing Date
CN201780046239.4A Pending CN109564608A (zh) 2016-07-29 2017-06-30 对用于应用二进制代码的经更新的版本的目标应用功能的虚拟存储器地址进行更新
CN201780045934.9A Active CN109643343B (zh) 2016-07-29 2017-06-30 使用虚拟地址映射对目标应用功能的基于内核的检测

Country Status (9)

Country Link
US (3) US10289847B2 (enExample)
EP (3) EP3491570A1 (enExample)
JP (3) JP2019528515A (enExample)
KR (3) KR20190038543A (enExample)
CN (3) CN109478217B (enExample)
BR (2) BR112019001506A2 (enExample)
SG (3) SG11201811213XA (enExample)
TW (3) TWI686744B (enExample)
WO (3) WO2018022255A1 (enExample)

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9754112B1 (en) * 2014-11-24 2017-09-05 Bluerisc, Inc. Detection and healing of vulnerabilities in computer code
US10289847B2 (en) 2016-07-29 2019-05-14 Qualcomm Incorporated Updating virtual memory addresses of target application functionalities for an updated version of application binary code
US10754988B2 (en) * 2016-08-30 2020-08-25 Winbond Electronics Corporation Anti-rollback version upgrade in secured memory chip
US10275596B1 (en) * 2016-12-15 2019-04-30 Symantec Corporation Activating malicious actions within electronic documents
US10362047B2 (en) * 2017-05-08 2019-07-23 KnowBe4, Inc. Systems and methods for providing user interfaces based on actions associated with untrusted emails
US10795659B1 (en) * 2017-11-02 2020-10-06 Virtuozzo International Gmbh System and method for live patching processes in user space
US10496437B2 (en) 2017-11-14 2019-12-03 International Business Machines Corporation Context switch by changing memory pointers
US10761983B2 (en) * 2017-11-14 2020-09-01 International Business Machines Corporation Memory based configuration state registers
US10592164B2 (en) 2017-11-14 2020-03-17 International Business Machines Corporation Portions of configuration state registers in-memory
US10558366B2 (en) 2017-11-14 2020-02-11 International Business Machines Corporation Automatic pinning of units of memory
US10552070B2 (en) 2017-11-14 2020-02-04 International Business Machines Corporation Separation of memory-based configuration state registers based on groups
US10635602B2 (en) 2017-11-14 2020-04-28 International Business Machines Corporation Address translation prior to receiving a storage reference using the address to be translated
US10642757B2 (en) 2017-11-14 2020-05-05 International Business Machines Corporation Single call to perform pin and unpin operations
US10698686B2 (en) 2017-11-14 2020-06-30 International Business Machines Corporation Configurable architectural placement control
US10664181B2 (en) 2017-11-14 2020-05-26 International Business Machines Corporation Protecting in-memory configuration state registers
US10901738B2 (en) 2017-11-14 2021-01-26 International Business Machines Corporation Bulk store and load operations of configuration state registers
US10761751B2 (en) 2017-11-14 2020-09-01 International Business Machines Corporation Configuration state registers grouped based on functional affinity
JP7013297B2 (ja) * 2018-03-22 2022-01-31 株式会社セキュアブレイン 不正検知装置、不正検知ネットワークシステム、及び不正検知方法
US11182283B2 (en) 2018-09-26 2021-11-23 Apple Inc. Allocation of memory within a data type-specific memory heap
CN109858239B (zh) * 2019-01-16 2020-01-17 四川大学 一种动静态结合的容器内cpu漏洞攻击程序检测方法
US10936507B2 (en) * 2019-03-28 2021-03-02 Intel Corporation System, apparatus and method for application specific address mapping
US11468881B2 (en) * 2019-03-29 2022-10-11 Samsung Electronics Co., Ltd. Method and system for semantic intelligent task learning and adaptive execution
US11561814B2 (en) * 2019-05-15 2023-01-24 Vmware, Inc. Browser-driven capture of application installations for application virtualization
US11061819B2 (en) 2019-05-28 2021-07-13 Micron Technology, Inc. Distributed computing based on memory as a service
US11169930B2 (en) 2019-05-28 2021-11-09 Micron Technology, Inc. Fine grain data migration to or from borrowed memory
US12436804B2 (en) 2019-05-28 2025-10-07 Micron Technology, Inc. Memory as a service for artificial neural network (ANN) applications
CN110598378B (zh) * 2019-08-01 2023-07-18 华为技术有限公司 全局偏移表度量方法、动态度量方法及相关装置、设备
KR102693699B1 (ko) * 2019-09-06 2024-08-12 삼성전자 주식회사 전자 장치에서 어플리케이션 업데이트 시 런타임 성능 개선 방법 및 장치
CN110888773B (zh) * 2019-10-28 2023-06-06 北京字节跳动网络技术有限公司 一种获取线程标识的方法、装置、介质和电子设备
TWI728637B (zh) * 2020-01-02 2021-05-21 中華電信股份有限公司 資訊安全防護方法及電腦可讀媒介
US11610020B2 (en) * 2020-04-07 2023-03-21 Mcafee, Llc Securing sensitive user data stored locally by an application
US11783042B2 (en) * 2020-06-17 2023-10-10 Qualcomm Incorporated Access control system and method for isolating mutually distrusting security domains
US11599342B2 (en) * 2020-09-28 2023-03-07 Red Hat, Inc. Pathname independent probing of binaries
CN113190448B (zh) * 2021-05-06 2022-11-04 网易(杭州)网络有限公司 测试代码更新方法及装置、电子设备、存储介质
CN113190237B (zh) * 2021-05-10 2024-01-19 北京百度网讯科技有限公司 数据处理方法、系统和装置
US11902398B2 (en) 2021-06-22 2024-02-13 Bizdata Inc. System and method to integrate data from one application to another application
US11934533B2 (en) 2021-06-22 2024-03-19 Microsoft Technology Licensing, Llc Detection of supply chain-related security threats to software applications
CN114268514B (zh) * 2021-11-30 2022-11-08 国汽智控(北京)科技有限公司 车辆与上位机的通信方法、装置及系统
CN114448815B (zh) * 2021-12-27 2023-11-03 天翼云科技有限公司 基于网络拓扑的cdn节点数据生成方法、装置及计算机设备
US11928460B2 (en) * 2022-04-20 2024-03-12 International Business Machines Corporation Dynamic update of a computer program in memory
TWI875076B (zh) * 2023-07-12 2025-03-01 新唐科技股份有限公司 用於執行空中更新韌體的微控制器及方法
KR20250080304A (ko) * 2023-11-28 2025-06-05 삼성전자주식회사 저널 데이터 생성 방법, 저널 리플레이 수행 방법, 및 스토리지 장치
CN119227067B (zh) * 2024-12-05 2025-03-07 成都数默科技有限公司 一种基于ai的二进制同源样本分析方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6681331B1 (en) * 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
CN101315602A (zh) * 2008-05-09 2008-12-03 浙江大学 硬件化的进程内存管理核的方法
CN104461905A (zh) * 2014-12-30 2015-03-25 东信和平科技股份有限公司 一种智能卡虚拟机、api库与上层应用同时调试的方法及系统
CN104572046A (zh) * 2013-10-16 2015-04-29 腾讯科技(深圳)有限公司 一种堆栈还原方法和计算机系统

Family Cites Families (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5572590A (en) 1994-04-12 1996-11-05 International Business Machines Corporation Discrimination of malicious changes to digital information using multiple signatures
JP3011115B2 (ja) * 1997-01-17 2000-02-21 日本電気株式会社 デバッグシステム
US6988271B2 (en) 1998-10-02 2006-01-17 Microsoft Corporation Heavyweight and lightweight instrumentation
US6785818B1 (en) 2000-01-14 2004-08-31 Symantec Corporation Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks
US6477612B1 (en) 2000-02-08 2002-11-05 Microsoft Corporation Providing access to physical memory allocated to a process by selectively mapping pages of the physical memory with virtual memory allocated to the process
US20020178375A1 (en) * 2001-01-31 2002-11-28 Harris Corporation Method and system for protecting against malicious mobile code
US6598144B1 (en) * 2001-12-12 2003-07-22 Advanced Micro Devices, Inc. Arrangement for limiting access to addresses by a consumer process instigating work in a channel adapter based on virtual address mapping
US7213123B2 (en) * 2002-10-24 2007-05-01 International Business Machines Corporation Method and apparatus for mapping debugging information when debugging integrated executables in a heterogeneous architecture
GB0623276D0 (en) * 2006-11-22 2007-01-03 Transitive Ltd Memory consistency protection in a multiprocessor computing system
JP4763743B2 (ja) * 2008-03-28 2011-08-31 日本電信電話株式会社 プログラム動作比較装置及び方法及びプログラム
EP2151763A1 (en) 2008-07-28 2010-02-10 Nagravision S.A. Method and apparatus for obfuscating virtual to physical memory mapping
US9235704B2 (en) 2008-10-21 2016-01-12 Lookout, Inc. System and method for a scanning API
CN101430662B (zh) * 2008-12-09 2010-10-06 东信和平智能卡股份有限公司 Java语言程序与虚拟机程序共同调试的方法
US8117422B2 (en) 2009-02-05 2012-02-14 Texas Instruments Incorporated Fast address translation for linear and circular modes
US8271450B2 (en) 2009-10-01 2012-09-18 Vmware, Inc. Monitoring a data structure in a virtual machine and determining if memory pages containing the data structure are swapped into or out of guest physical memory
TWI432987B (zh) 2011-03-15 2014-04-01 Phison Electronics Corp 記憶體儲存裝置、其記憶體控制器與病毒掃描方法
US8943330B2 (en) 2011-05-10 2015-01-27 Qualcomm Incorporated Apparatus and method for hardware-based secure data processing using buffer memory address range rules
US9032526B2 (en) 2011-05-12 2015-05-12 Microsoft Technology Licensing, Llc Emulating mixed-code programs using a virtual machine instance
US8566935B2 (en) 2011-05-12 2013-10-22 At&T Intellectual Property I, L.P. Balancing malware rootkit detection with power consumption on mobile devices
CN102243595B (zh) * 2011-08-03 2014-02-19 浙江大学 基于MMU架构的Java Card系统组件更新方法
US8897762B2 (en) * 2012-02-28 2014-11-25 Qualcomm Incorporated Optimizing signaling load overhead and battery consumption for background applications
IL219597A0 (en) 2012-05-03 2012-10-31 Syndrome X Ltd Malicious threat detection, malicious threat prevention, and a learning systems and methods for malicious threat detection and prevention
US20130301830A1 (en) * 2012-05-08 2013-11-14 Hagai Bar-El Device, system, and method of secure entry and handling of passwords
US8819772B2 (en) 2012-06-25 2014-08-26 Appthority, Inc. In-line filtering of insecure or unwanted mobile device software components or communications
CN102855138B (zh) * 2012-07-20 2015-12-09 腾讯科技(深圳)有限公司 一种api的拦截方法、装置及移动终端
US9268936B2 (en) 2012-07-27 2016-02-23 Mandiant, Llc Physical memory forensics system and method
US9092327B2 (en) * 2012-12-10 2015-07-28 Qualcomm Incorporated System and method for allocating memory to dissimilar memory devices using quality of service
US9311011B2 (en) * 2013-08-07 2016-04-12 Qualcomm Incorporated Dynamic address negotiation for shared memory regions in heterogenous multiprocessor systems
CA2923231C (en) * 2013-09-12 2020-06-02 Virsec Systems, Inc. Automated runtime detection of malware
US9489313B2 (en) 2013-09-24 2016-11-08 Qualcomm Incorporated Conditional page fault control for page residency
US10108409B2 (en) * 2014-01-03 2018-10-23 Visa International Service Association Systems and methods for updatable applets
US9721212B2 (en) 2014-06-04 2017-08-01 Qualcomm Incorporated Efficient on-device binary analysis for auto-generated behavioral models
US9721660B2 (en) 2014-10-24 2017-08-01 Microsoft Technology Licensing, Llc Configurable volatile memory without a dedicated power source for detecting a data save trigger condition
CN105117648A (zh) * 2015-07-29 2015-12-02 杭州安恒信息技术有限公司 一种基于虚拟机的0day/恶意文档检测系统及方法
US10289847B2 (en) 2016-07-29 2019-05-14 Qualcomm Incorporated Updating virtual memory addresses of target application functionalities for an updated version of application binary code

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6681331B1 (en) * 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
CN101315602A (zh) * 2008-05-09 2008-12-03 浙江大学 硬件化的进程内存管理核的方法
CN104572046A (zh) * 2013-10-16 2015-04-29 腾讯科技(深圳)有限公司 一种堆栈还原方法和计算机系统
CN104461905A (zh) * 2014-12-30 2015-03-25 东信和平科技股份有限公司 一种智能卡虚拟机、api库与上层应用同时调试的方法及系统

Also Published As

Publication number Publication date
CN109643343B (zh) 2023-09-15
CN109564608A (zh) 2019-04-02
CN109643343A (zh) 2019-04-16
SG11201811216WA (en) 2019-02-27
TW201805806A (zh) 2018-02-16
CN109478217A (zh) 2019-03-15
US10289847B2 (en) 2019-05-14
BR112019001506A2 (pt) 2019-05-07
EP3491570A1 (en) 2019-06-05
US20180032731A1 (en) 2018-02-01
SG11201811211TA (en) 2019-02-27
JP6704504B2 (ja) 2020-06-03
EP3491568B1 (en) 2022-02-23
US10360383B2 (en) 2019-07-23
WO2018022257A1 (en) 2018-02-01
JP6704503B2 (ja) 2020-06-03
US10380342B2 (en) 2019-08-13
US20180032441A1 (en) 2018-02-01
TW201807576A (zh) 2018-03-01
JP2019527892A (ja) 2019-10-03
BR112019001511A2 (pt) 2019-04-30
KR20190038544A (ko) 2019-04-08
JP2019528515A (ja) 2019-10-10
TWI696950B (zh) 2020-06-21
BR112019001479A2 (pt) 2019-04-30
EP3491569A1 (en) 2019-06-05
KR20190038542A (ko) 2019-04-08
KR102097256B1 (ko) 2020-04-03
EP3491569B1 (en) 2020-04-22
WO2018022256A1 (en) 2018-02-01
KR102058326B1 (ko) 2019-12-20
US20180032721A1 (en) 2018-02-01
SG11201811213XA (en) 2019-02-27
JP2019526123A (ja) 2019-09-12
TWI686744B (zh) 2020-03-01
EP3491568A1 (en) 2019-06-05
KR20190038543A (ko) 2019-04-08
WO2018022255A1 (en) 2018-02-01
TW201807570A (zh) 2018-03-01

Similar Documents

Publication Publication Date Title
CN109478217B (zh) 使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测
Hu et al. Identifying arbitrary memory access vulnerabilities in privilege-separated software
González Taxi: Defeating code reuse attacks with tagged memory
HK40003337A (en) Kernel-based detection of target application functionality using offset-based virtual address mapping
HK40005784A (en) Kernel-based detection of target application functionality using virtual address mapping
HK40005417A (en) Updating virtual memory addresses of target application functionalities for an updated version of application binary code
Bouffard et al. Heap Hop! heap is also vulnerable
CN117725577B (zh) 一种通过内存管理单元突破恶意软件防护的方法、装置
Saeed et al. Tag‐Protector: An Effective and Dynamic Detection of Illegal Memory Accesses through Compile Time Code Instrumentation
Martinez Santos et al. Static secure page allocation for light-weight dynamic information flow tracking
Galea et al. SUDUTA: Script UAF Detection Using Taint Analysis
Chen et al. Evaluating Kernel Anti-Exploitation Capabilities: A Scalable and General Framework Based on Evaluatology
Ahad et al. FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation
Saito et al. Safe trans loader: mitigation and prevention of memory corruption attacks for released binaries
An Prevention of C/C++ Pointer Vulnerability
BR112019001479B1 (pt) Detecção baseada em núcleo de funcionalidade de aplicação alvo utilizando mapeamento de endereços virtuais
Davidson et al. Kevlar: Transitioning Helix from Research to Practice

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40003337

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20211228