CN109643343B - 使用虚拟地址映射对目标应用功能的基于内核的检测 - Google Patents

使用虚拟地址映射对目标应用功能的基于内核的检测 Download PDF

Info

Publication number
CN109643343B
CN109643343B CN201780045934.9A CN201780045934A CN109643343B CN 109643343 B CN109643343 B CN 109643343B CN 201780045934 A CN201780045934 A CN 201780045934A CN 109643343 B CN109643343 B CN 109643343B
Authority
CN
China
Prior art keywords
application
virtual address
binary
code
virtual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201780045934.9A
Other languages
English (en)
Chinese (zh)
Other versions
CN109643343A (zh
Inventor
S·K·德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN109643343A publication Critical patent/CN109643343A/zh
Application granted granted Critical
Publication of CN109643343B publication Critical patent/CN109643343B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/12Replacement control
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/3604Analysis of software for verifying properties of programs
    • G06F11/3612Analysis of software for verifying properties of programs by runtime analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Quality & Reliability (AREA)
  • Storage Device Security (AREA)
  • Devices For Executing Special Programs (AREA)
  • Debugging And Monitoring (AREA)
  • Stored Programmes (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Executing Machine-Instructions (AREA)
CN201780045934.9A 2016-07-29 2017-06-30 使用虚拟地址映射对目标应用功能的基于内核的检测 Active CN109643343B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201662368223P 2016-07-29 2016-07-29
US62/368,223 2016-07-29
US15/245,037 2016-08-23
US15/245,037 US10380342B2 (en) 2016-07-29 2016-08-23 Kernel-based detection of target application functionality using virtual address mapping
PCT/US2017/040492 WO2018022255A1 (en) 2016-07-29 2017-06-30 Kernel-based detection of target application functionality using virtual address mapping

Publications (2)

Publication Number Publication Date
CN109643343A CN109643343A (zh) 2019-04-16
CN109643343B true CN109643343B (zh) 2023-09-15

Family

ID=61009931

Family Applications (3)

Application Number Title Priority Date Filing Date
CN201780045936.8A Expired - Fee Related CN109478217B (zh) 2016-07-29 2017-06-30 使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测
CN201780046239.4A Pending CN109564608A (zh) 2016-07-29 2017-06-30 对用于应用二进制代码的经更新的版本的目标应用功能的虚拟存储器地址进行更新
CN201780045934.9A Active CN109643343B (zh) 2016-07-29 2017-06-30 使用虚拟地址映射对目标应用功能的基于内核的检测

Family Applications Before (2)

Application Number Title Priority Date Filing Date
CN201780045936.8A Expired - Fee Related CN109478217B (zh) 2016-07-29 2017-06-30 使用基于偏移的虚拟地址映射对目标应用功能的基于内核的检测
CN201780046239.4A Pending CN109564608A (zh) 2016-07-29 2017-06-30 对用于应用二进制代码的经更新的版本的目标应用功能的虚拟存储器地址进行更新

Country Status (9)

Country Link
US (3) US10289847B2 (enExample)
EP (3) EP3491570A1 (enExample)
JP (3) JP2019528515A (enExample)
KR (3) KR20190038543A (enExample)
CN (3) CN109478217B (enExample)
BR (2) BR112019001506A2 (enExample)
SG (3) SG11201811213XA (enExample)
TW (3) TWI686744B (enExample)
WO (3) WO2018022255A1 (enExample)

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9754112B1 (en) * 2014-11-24 2017-09-05 Bluerisc, Inc. Detection and healing of vulnerabilities in computer code
US10289847B2 (en) 2016-07-29 2019-05-14 Qualcomm Incorporated Updating virtual memory addresses of target application functionalities for an updated version of application binary code
US10754988B2 (en) * 2016-08-30 2020-08-25 Winbond Electronics Corporation Anti-rollback version upgrade in secured memory chip
US10275596B1 (en) * 2016-12-15 2019-04-30 Symantec Corporation Activating malicious actions within electronic documents
US10362047B2 (en) * 2017-05-08 2019-07-23 KnowBe4, Inc. Systems and methods for providing user interfaces based on actions associated with untrusted emails
US10795659B1 (en) * 2017-11-02 2020-10-06 Virtuozzo International Gmbh System and method for live patching processes in user space
US10496437B2 (en) 2017-11-14 2019-12-03 International Business Machines Corporation Context switch by changing memory pointers
US10761983B2 (en) * 2017-11-14 2020-09-01 International Business Machines Corporation Memory based configuration state registers
US10592164B2 (en) 2017-11-14 2020-03-17 International Business Machines Corporation Portions of configuration state registers in-memory
US10558366B2 (en) 2017-11-14 2020-02-11 International Business Machines Corporation Automatic pinning of units of memory
US10552070B2 (en) 2017-11-14 2020-02-04 International Business Machines Corporation Separation of memory-based configuration state registers based on groups
US10635602B2 (en) 2017-11-14 2020-04-28 International Business Machines Corporation Address translation prior to receiving a storage reference using the address to be translated
US10642757B2 (en) 2017-11-14 2020-05-05 International Business Machines Corporation Single call to perform pin and unpin operations
US10698686B2 (en) 2017-11-14 2020-06-30 International Business Machines Corporation Configurable architectural placement control
US10664181B2 (en) 2017-11-14 2020-05-26 International Business Machines Corporation Protecting in-memory configuration state registers
US10901738B2 (en) 2017-11-14 2021-01-26 International Business Machines Corporation Bulk store and load operations of configuration state registers
US10761751B2 (en) 2017-11-14 2020-09-01 International Business Machines Corporation Configuration state registers grouped based on functional affinity
JP7013297B2 (ja) * 2018-03-22 2022-01-31 株式会社セキュアブレイン 不正検知装置、不正検知ネットワークシステム、及び不正検知方法
US11182283B2 (en) 2018-09-26 2021-11-23 Apple Inc. Allocation of memory within a data type-specific memory heap
CN109858239B (zh) * 2019-01-16 2020-01-17 四川大学 一种动静态结合的容器内cpu漏洞攻击程序检测方法
US10936507B2 (en) * 2019-03-28 2021-03-02 Intel Corporation System, apparatus and method for application specific address mapping
US11468881B2 (en) * 2019-03-29 2022-10-11 Samsung Electronics Co., Ltd. Method and system for semantic intelligent task learning and adaptive execution
US11561814B2 (en) * 2019-05-15 2023-01-24 Vmware, Inc. Browser-driven capture of application installations for application virtualization
US11061819B2 (en) 2019-05-28 2021-07-13 Micron Technology, Inc. Distributed computing based on memory as a service
US11169930B2 (en) 2019-05-28 2021-11-09 Micron Technology, Inc. Fine grain data migration to or from borrowed memory
US12436804B2 (en) 2019-05-28 2025-10-07 Micron Technology, Inc. Memory as a service for artificial neural network (ANN) applications
CN110598378B (zh) * 2019-08-01 2023-07-18 华为技术有限公司 全局偏移表度量方法、动态度量方法及相关装置、设备
KR102693699B1 (ko) * 2019-09-06 2024-08-12 삼성전자 주식회사 전자 장치에서 어플리케이션 업데이트 시 런타임 성능 개선 방법 및 장치
CN110888773B (zh) * 2019-10-28 2023-06-06 北京字节跳动网络技术有限公司 一种获取线程标识的方法、装置、介质和电子设备
TWI728637B (zh) * 2020-01-02 2021-05-21 中華電信股份有限公司 資訊安全防護方法及電腦可讀媒介
US11610020B2 (en) * 2020-04-07 2023-03-21 Mcafee, Llc Securing sensitive user data stored locally by an application
US11783042B2 (en) * 2020-06-17 2023-10-10 Qualcomm Incorporated Access control system and method for isolating mutually distrusting security domains
US11599342B2 (en) * 2020-09-28 2023-03-07 Red Hat, Inc. Pathname independent probing of binaries
CN113190448B (zh) * 2021-05-06 2022-11-04 网易(杭州)网络有限公司 测试代码更新方法及装置、电子设备、存储介质
CN113190237B (zh) * 2021-05-10 2024-01-19 北京百度网讯科技有限公司 数据处理方法、系统和装置
US11902398B2 (en) 2021-06-22 2024-02-13 Bizdata Inc. System and method to integrate data from one application to another application
US11934533B2 (en) 2021-06-22 2024-03-19 Microsoft Technology Licensing, Llc Detection of supply chain-related security threats to software applications
CN114268514B (zh) * 2021-11-30 2022-11-08 国汽智控(北京)科技有限公司 车辆与上位机的通信方法、装置及系统
CN114448815B (zh) * 2021-12-27 2023-11-03 天翼云科技有限公司 基于网络拓扑的cdn节点数据生成方法、装置及计算机设备
US11928460B2 (en) * 2022-04-20 2024-03-12 International Business Machines Corporation Dynamic update of a computer program in memory
TWI875076B (zh) * 2023-07-12 2025-03-01 新唐科技股份有限公司 用於執行空中更新韌體的微控制器及方法
KR20250080304A (ko) * 2023-11-28 2025-06-05 삼성전자주식회사 저널 데이터 생성 방법, 저널 리플레이 수행 방법, 및 스토리지 장치
CN119227067B (zh) * 2024-12-05 2025-03-07 成都数默科技有限公司 一种基于ai的二进制同源样本分析方法

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012154996A1 (en) * 2011-05-10 2012-11-15 Qualcomm Incorporated Apparatus and method for hardware-based secure data processing using buffer memory address range rules

Family Cites Families (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5572590A (en) 1994-04-12 1996-11-05 International Business Machines Corporation Discrimination of malicious changes to digital information using multiple signatures
JP3011115B2 (ja) * 1997-01-17 2000-02-21 日本電気株式会社 デバッグシステム
US6988271B2 (en) 1998-10-02 2006-01-17 Microsoft Corporation Heavyweight and lightweight instrumentation
US6681331B1 (en) 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
US6785818B1 (en) 2000-01-14 2004-08-31 Symantec Corporation Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks
US6477612B1 (en) 2000-02-08 2002-11-05 Microsoft Corporation Providing access to physical memory allocated to a process by selectively mapping pages of the physical memory with virtual memory allocated to the process
US20020178375A1 (en) * 2001-01-31 2002-11-28 Harris Corporation Method and system for protecting against malicious mobile code
US6598144B1 (en) * 2001-12-12 2003-07-22 Advanced Micro Devices, Inc. Arrangement for limiting access to addresses by a consumer process instigating work in a channel adapter based on virtual address mapping
US7213123B2 (en) * 2002-10-24 2007-05-01 International Business Machines Corporation Method and apparatus for mapping debugging information when debugging integrated executables in a heterogeneous architecture
GB0623276D0 (en) * 2006-11-22 2007-01-03 Transitive Ltd Memory consistency protection in a multiprocessor computing system
JP4763743B2 (ja) * 2008-03-28 2011-08-31 日本電信電話株式会社 プログラム動作比較装置及び方法及びプログラム
CN101315602B (zh) * 2008-05-09 2011-01-26 浙江大学 硬件化的进程内存管理核的方法
EP2151763A1 (en) 2008-07-28 2010-02-10 Nagravision S.A. Method and apparatus for obfuscating virtual to physical memory mapping
US9235704B2 (en) 2008-10-21 2016-01-12 Lookout, Inc. System and method for a scanning API
CN101430662B (zh) * 2008-12-09 2010-10-06 东信和平智能卡股份有限公司 Java语言程序与虚拟机程序共同调试的方法
US8117422B2 (en) 2009-02-05 2012-02-14 Texas Instruments Incorporated Fast address translation for linear and circular modes
US8271450B2 (en) 2009-10-01 2012-09-18 Vmware, Inc. Monitoring a data structure in a virtual machine and determining if memory pages containing the data structure are swapped into or out of guest physical memory
TWI432987B (zh) 2011-03-15 2014-04-01 Phison Electronics Corp 記憶體儲存裝置、其記憶體控制器與病毒掃描方法
US9032526B2 (en) 2011-05-12 2015-05-12 Microsoft Technology Licensing, Llc Emulating mixed-code programs using a virtual machine instance
US8566935B2 (en) 2011-05-12 2013-10-22 At&T Intellectual Property I, L.P. Balancing malware rootkit detection with power consumption on mobile devices
CN102243595B (zh) * 2011-08-03 2014-02-19 浙江大学 基于MMU架构的Java Card系统组件更新方法
US8897762B2 (en) * 2012-02-28 2014-11-25 Qualcomm Incorporated Optimizing signaling load overhead and battery consumption for background applications
IL219597A0 (en) 2012-05-03 2012-10-31 Syndrome X Ltd Malicious threat detection, malicious threat prevention, and a learning systems and methods for malicious threat detection and prevention
US20130301830A1 (en) * 2012-05-08 2013-11-14 Hagai Bar-El Device, system, and method of secure entry and handling of passwords
US8819772B2 (en) 2012-06-25 2014-08-26 Appthority, Inc. In-line filtering of insecure or unwanted mobile device software components or communications
CN102855138B (zh) * 2012-07-20 2015-12-09 腾讯科技(深圳)有限公司 一种api的拦截方法、装置及移动终端
US9268936B2 (en) 2012-07-27 2016-02-23 Mandiant, Llc Physical memory forensics system and method
US9092327B2 (en) * 2012-12-10 2015-07-28 Qualcomm Incorporated System and method for allocating memory to dissimilar memory devices using quality of service
US9311011B2 (en) * 2013-08-07 2016-04-12 Qualcomm Incorporated Dynamic address negotiation for shared memory regions in heterogenous multiprocessor systems
CA2923231C (en) * 2013-09-12 2020-06-02 Virsec Systems, Inc. Automated runtime detection of malware
US9489313B2 (en) 2013-09-24 2016-11-08 Qualcomm Incorporated Conditional page fault control for page residency
CN104572046B (zh) * 2013-10-16 2019-01-11 腾讯科技(深圳)有限公司 一种堆栈还原方法和计算机系统
US10108409B2 (en) * 2014-01-03 2018-10-23 Visa International Service Association Systems and methods for updatable applets
US9721212B2 (en) 2014-06-04 2017-08-01 Qualcomm Incorporated Efficient on-device binary analysis for auto-generated behavioral models
US9721660B2 (en) 2014-10-24 2017-08-01 Microsoft Technology Licensing, Llc Configurable volatile memory without a dedicated power source for detecting a data save trigger condition
CN104461905A (zh) * 2014-12-30 2015-03-25 东信和平科技股份有限公司 一种智能卡虚拟机、api库与上层应用同时调试的方法及系统
CN105117648A (zh) * 2015-07-29 2015-12-02 杭州安恒信息技术有限公司 一种基于虚拟机的0day/恶意文档检测系统及方法
US10289847B2 (en) 2016-07-29 2019-05-14 Qualcomm Incorporated Updating virtual memory addresses of target application functionalities for an updated version of application binary code

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012154996A1 (en) * 2011-05-10 2012-11-15 Qualcomm Incorporated Apparatus and method for hardware-based secure data processing using buffer memory address range rules

Also Published As

Publication number Publication date
CN109564608A (zh) 2019-04-02
CN109643343A (zh) 2019-04-16
SG11201811216WA (en) 2019-02-27
CN109478217B (zh) 2021-12-28
TW201805806A (zh) 2018-02-16
CN109478217A (zh) 2019-03-15
US10289847B2 (en) 2019-05-14
BR112019001506A2 (pt) 2019-05-07
EP3491570A1 (en) 2019-06-05
US20180032731A1 (en) 2018-02-01
SG11201811211TA (en) 2019-02-27
JP6704504B2 (ja) 2020-06-03
EP3491568B1 (en) 2022-02-23
US10360383B2 (en) 2019-07-23
WO2018022257A1 (en) 2018-02-01
JP6704503B2 (ja) 2020-06-03
US10380342B2 (en) 2019-08-13
US20180032441A1 (en) 2018-02-01
TW201807576A (zh) 2018-03-01
JP2019527892A (ja) 2019-10-03
BR112019001511A2 (pt) 2019-04-30
KR20190038544A (ko) 2019-04-08
JP2019528515A (ja) 2019-10-10
TWI696950B (zh) 2020-06-21
BR112019001479A2 (pt) 2019-04-30
EP3491569A1 (en) 2019-06-05
KR20190038542A (ko) 2019-04-08
KR102097256B1 (ko) 2020-04-03
EP3491569B1 (en) 2020-04-22
WO2018022256A1 (en) 2018-02-01
KR102058326B1 (ko) 2019-12-20
US20180032721A1 (en) 2018-02-01
SG11201811213XA (en) 2019-02-27
JP2019526123A (ja) 2019-09-12
TWI686744B (zh) 2020-03-01
EP3491568A1 (en) 2019-06-05
KR20190038543A (ko) 2019-04-08
WO2018022255A1 (en) 2018-02-01
TW201807570A (zh) 2018-03-01

Similar Documents

Publication Publication Date Title
CN109643343B (zh) 使用虚拟地址映射对目标应用功能的基于内核的检测
Lee et al. Preventing Use-after-free with Dangling Pointers Nullification.
Sun et al. Blender: Self-randomizing address space layout for android apps
Hu et al. Identifying arbitrary memory access vulnerabilities in privilege-separated software
González Taxi: Defeating code reuse attacks with tagged memory
HK40005784A (en) Kernel-based detection of target application functionality using virtual address mapping
HK40005417A (en) Updating virtual memory addresses of target application functionalities for an updated version of application binary code
HK40003337A (en) Kernel-based detection of target application functionality using offset-based virtual address mapping
EP4310707B1 (en) System and method for detecting malicious code by an interpreter in a computing device
Nguyen et al. Live Memory Forensics on Virtual Memory
Saeed et al. Tag‐Protector: An Effective and Dynamic Detection of Illegal Memory Accesses through Compile Time Code Instrumentation
Galea et al. SUDUTA: Script UAF Detection Using Taint Analysis
BR112019001479B1 (pt) Detecção baseada em núcleo de funcionalidade de aplicação alvo utilizando mapeamento de endereços virtuais
Ahad et al. FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation
Davidson et al. Kevlar: Transitioning Helix from Research to Practice
Verma Multimedia Attacks on Android devices using StageFright exploit

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40005784

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant
TG01 Patent term adjustment
TG01 Patent term adjustment