DK3410335T3 - Automatiseret kodelåsning til reduktion af angrebsoverfladen for software - Google Patents

Automatiseret kodelåsning til reduktion af angrebsoverfladen for software Download PDF

Info

Publication number
DK3410335T3
DK3410335T3 DK18179774.7T DK18179774T DK3410335T3 DK 3410335 T3 DK3410335 T3 DK 3410335T3 DK 18179774 T DK18179774 T DK 18179774T DK 3410335 T3 DK3410335 T3 DK 3410335T3
Authority
DK
Denmark
Prior art keywords
attack
software
reduce
automated code
code locking
Prior art date
Application number
DK18179774.7T
Other languages
English (en)
Inventor
Satya Vrat Gupta
Original Assignee
Virsec Systems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Virsec Systems Inc filed Critical Virsec Systems Inc
Application granted granted Critical
Publication of DK3410335T3 publication Critical patent/DK3410335T3/da

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Debugging And Monitoring (AREA)
  • Storage Device Security (AREA)
  • Executing Machine-Instructions (AREA)
DK18179774.7T 2014-06-24 2015-06-24 Automatiseret kodelåsning til reduktion af angrebsoverfladen for software DK3410335T3 (da)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201461998320P 2014-06-24 2014-06-24
EP15736114.8A EP3161709B1 (en) 2014-06-24 2015-06-24 Automated code lockdown to reduce attack surface for software

Publications (1)

Publication Number Publication Date
DK3410335T3 true DK3410335T3 (da) 2021-11-01

Family

ID=53540868

Family Applications (1)

Application Number Title Priority Date Filing Date
DK18179774.7T DK3410335T3 (da) 2014-06-24 2015-06-24 Automatiseret kodelåsning til reduktion af angrebsoverfladen for software

Country Status (7)

Country Link
US (2) US9727729B2 (da)
EP (2) EP3161709B1 (da)
CN (1) CN106687971B (da)
AU (2) AU2015279922B2 (da)
CA (1) CA2953788C (da)
DK (1) DK3410335T3 (da)
WO (1) WO2015200510A1 (da)

Families Citing this family (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9727729B2 (en) 2014-06-24 2017-08-08 Virsec Systems, Inc. Automated code lockdown to reduce attack surface for software
WO2017208969A1 (ja) * 2016-06-01 2017-12-07 日本電信電話株式会社 検知装置、検知方法、検知システム、および検知プログラム
CN108377495B (zh) * 2016-10-31 2021-10-15 华为技术有限公司 一种数据传输方法、相关设备及系统
US10855713B2 (en) 2017-04-27 2020-12-01 Microsoft Technology Licensing, Llc Personalized threat protection
US10904291B1 (en) * 2017-05-03 2021-01-26 Hrl Laboratories, Llc Low-overhead software transformation to enforce information security policies
US10740470B2 (en) 2017-05-31 2020-08-11 Shiftleft Inc. System and method for application security profiling
EP3669295B1 (en) * 2017-08-16 2024-03-13 Hewlett-Packard Development Company, L.P. Storage monitoring
US10917435B2 (en) * 2017-08-17 2021-02-09 Acronis International Gmbh Cloud AI engine for malware analysis and attack prediction
US10592405B2 (en) 2017-10-03 2020-03-17 International Business Machines Corporation Visualization of vulnerabilities detected by static application testing
US10956574B2 (en) 2017-10-07 2021-03-23 Shiftleft Inc. System and method for securing applications through an application-aware runtime agent
CN107968776B (zh) * 2017-10-30 2020-10-13 北京计算机技术及应用研究所 一种基于双向控制函数的动态攻击面变换方法
US10594729B2 (en) * 2017-10-31 2020-03-17 International Business Machines Corporation Dynamically configuring a honeypot
US11074362B2 (en) 2017-12-04 2021-07-27 ShiftLeft, Inc. System and method for code-based protection of sensitive data
US10545745B2 (en) * 2018-04-18 2020-01-28 International Business Machines Corporation Application binary rewriting to reduce binary attack surface area
US10735262B1 (en) * 2018-04-26 2020-08-04 Intuit Inc. System and method for self-orchestrated canary release deployment within an API gateway architecture
JP2022502723A (ja) 2018-10-18 2022-01-11 スターナム リミテッドSternum Ltd. スタック破損のエクスプロイトに対する中間コードファイルにおけるセキュリティ緩和手段の適用
US11176060B2 (en) 2018-10-29 2021-11-16 Sternum Ltd. Dynamic memory protection
US11514172B2 (en) 2018-11-15 2022-11-29 Grabango Co. System and method for information flow analysis of application code
CN109561112A (zh) * 2019-01-25 2019-04-02 虞定生 一种人工智能实时检测安全攻击系统
US11625820B2 (en) 2020-05-28 2023-04-11 Applied Materials Israel Ltd. Evaluating an inspection algorithm for inspecting a semiconductor specimen
US11431719B2 (en) 2020-06-23 2022-08-30 Bank Of America Corporation Dynamic access evaluation and control system
US11252160B1 (en) 2020-10-22 2022-02-15 Bank Of America Corporation Artificial intelligence software access bundling
US11733989B2 (en) 2021-03-22 2023-08-22 Nec Corporation Automated and dynamic system call sealing
US20230141142A1 (en) * 2021-11-05 2023-05-11 Blackberry Limited Identifying application program interface use in a binary code
US20230142345A1 (en) * 2021-11-05 2023-05-11 Blackberry Limited Detecting software vulnerabilities in a binary code
US11936693B2 (en) 2022-04-13 2024-03-19 Wiz, Inc. System and method for applying a policy on a network path
US20230336550A1 (en) * 2022-04-13 2023-10-19 Wiz, Inc. Techniques for detecting resources without authentication using exposure analysis
US20230336554A1 (en) * 2022-04-13 2023-10-19 Wiz, Inc. Techniques for analyzing external exposure in cloud environments
US20230336578A1 (en) * 2022-04-13 2023-10-19 Wiz, Inc. Techniques for active inspection of vulnerability exploitation using exposure analysis
WO2024033847A1 (en) * 2022-08-10 2024-02-15 Wiz, Inc. Techniques for technology stack discovery using external exposure in cloud environments

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6782478B1 (en) 1999-04-28 2004-08-24 Thomas Probert Techniques for encoding information in computer code
US20020013938A1 (en) * 2000-02-09 2002-01-31 Evelyn Duesterwald Fast runtime scheme for removing dead code across linked fragments
US6654877B1 (en) * 2000-08-23 2003-11-25 Hewlett-Packard Development Company, L.P. System and method for selectively executing computer code
US20030023732A1 (en) * 2001-03-13 2003-01-30 Cohen Michael S. Network based centralized control and management system
US7418729B2 (en) * 2002-07-19 2008-08-26 Symantec Corporation Heuristic detection of malicious computer code by page tracking
GB0226905D0 (en) * 2002-11-18 2002-12-24 Advanced Risc Mach Ltd Exception tyres within a secure processing system
US20040168078A1 (en) * 2002-12-04 2004-08-26 Brodley Carla E. Apparatus, system and method for protecting function return address
US7559082B2 (en) * 2003-06-25 2009-07-07 Microsoft Corporation Method of assisting an application to traverse a firewall
US7624449B1 (en) * 2004-01-22 2009-11-24 Symantec Corporation Countering polymorphic malicious computer code through code optimization
GB0404517D0 (en) * 2004-03-01 2004-03-31 Qinetiq Ltd Threat mitigation in computer networks
FR2877118B1 (fr) * 2004-10-22 2007-01-19 Oberthur Card Syst Sa Protection contre les attaques par generation de fautes sur les instructions de saut
ATE387649T1 (de) * 2004-12-21 2008-03-15 Ibm Diagnostisches verfahren und system
US8041958B2 (en) * 2006-02-14 2011-10-18 Lenovo (Singapore) Pte. Ltd. Method for preventing malicious software from execution within a computer system
JP5054768B2 (ja) * 2006-06-21 2012-10-24 ヴィーブ−システムズ アクチエンゲゼルシャフト 侵入検出のための方法と装置
US7908660B2 (en) * 2007-02-06 2011-03-15 Microsoft Corporation Dynamic risk management
US7854002B2 (en) * 2007-04-30 2010-12-14 Microsoft Corporation Pattern matching for spyware detection
US20100011441A1 (en) * 2007-05-01 2010-01-14 Mihai Christodorescu System for malware normalization and detection
US8196140B2 (en) * 2008-01-11 2012-06-05 Microsoft Corporation Service function redirection for avoiding function evaluation blockages
US8745703B2 (en) * 2008-06-24 2014-06-03 Microsoft Corporation Identifying exploitation of vulnerabilities using error report
US8578483B2 (en) * 2008-07-31 2013-11-05 Carnegie Mellon University Systems and methods for preventing unauthorized modification of an operating system
CA2674327C (en) * 2008-08-06 2017-01-03 Trend Micro Incorporated Exploit nonspecific host intrusion prevention/detection methods and systems and smart filters therefor
US8307432B1 (en) * 2008-10-07 2012-11-06 Trend Micro Incorporated Generic shellcode detection
US9230455B2 (en) 2009-12-11 2016-01-05 Digital Immunity Llc Steganographic embedding of executable code
US8958546B2 (en) 2009-12-11 2015-02-17 Stegosytems, Inc. Steganographic messaging system using code invariants
US9536089B2 (en) * 2010-09-02 2017-01-03 Mcafee, Inc. Atomic detection and repair of kernel memory
WO2012154664A2 (en) * 2011-05-06 2012-11-15 University Of North Carolina At Chapel Hill Methods, systems, and computer readable media for detecting injected machine code
US8612959B2 (en) * 2011-10-03 2013-12-17 International Business Machines Corporation Linking code for an enhanced application binary interface (ABI) with decode time instruction optimization
CN102375957B (zh) * 2011-11-10 2014-05-14 西安电子科技大学 内核级return-oriented rootkits的防御方法
KR101896503B1 (ko) * 2012-03-12 2018-09-07 삼성전자주식회사 디바이스 정보자원이 유출되는지 여부를 탐지하는 방법 및 장치
AU2013259469A1 (en) * 2012-05-09 2014-11-27 SunStone Information Defense Inc. Methods and apparatus for identifying and removing malicious applications
KR101212553B1 (ko) * 2012-05-11 2012-12-14 주식회사 안랩 악성 파일 검사 장치 및 방법
US9636449B2 (en) * 2012-06-18 2017-05-02 Ketan C. Mehta Rinsing assembly
KR20170143006A (ko) * 2013-01-16 2017-12-28 맥아피 인코퍼레이티드 네트워크 환경에서의 악성 스크립트 언어 코드의 검출
US9202044B2 (en) * 2013-11-21 2015-12-01 The Board Of Regents, The University Of Texas System System and method for retrofitting application code
US11100218B2 (en) * 2014-01-20 2021-08-24 Prevoty, Inc. Systems and methods for improving accuracy in recognizing and neutralizing injection attacks in computer services
KR101445634B1 (ko) * 2014-01-27 2014-10-06 주식회사 이글루시큐리티 프로그램의 취약점을 이용한 공격의 탐지 장치 및 방법
US9727729B2 (en) 2014-06-24 2017-08-08 Virsec Systems, Inc. Automated code lockdown to reduce attack surface for software
US9460284B1 (en) * 2015-06-12 2016-10-04 Bitdefender IPR Management Ltd. Behavioral malware detection using an interpreter virtual machine
US20170083701A1 (en) * 2015-09-17 2017-03-23 OnSystem Logic, LLC Using Assured Calling Sequences in Micro-Sandboxes

Also Published As

Publication number Publication date
AU2018204262B2 (en) 2020-04-02
US9727729B2 (en) 2017-08-08
AU2015279922A1 (en) 2017-02-02
EP3161709A1 (en) 2017-05-03
US20160224790A1 (en) 2016-08-04
WO2015200510A8 (en) 2016-03-03
CN106687971B (zh) 2020-08-28
EP3410335B1 (en) 2021-07-28
EP3161709B1 (en) 2018-08-01
CA2953788C (en) 2021-05-18
CN106687971A (zh) 2017-05-17
WO2015200510A1 (en) 2015-12-30
EP3410335A1 (en) 2018-12-05
AU2018204262A1 (en) 2018-07-05
AU2015279922B2 (en) 2018-03-15
CA2953788A1 (en) 2015-12-30
US20180004950A1 (en) 2018-01-04
US10509906B2 (en) 2019-12-17

Similar Documents

Publication Publication Date Title
DK3410335T3 (da) Automatiseret kodelåsning til reduktion af angrebsoverfladen for software
DK3186376T3 (da) Fremgangsmåder til forbedring af cas9-medieret manipulationseffektivitet
DK3192902T3 (da) Fremgangsmåde til fremstilling af graphenholdige viscosefibre
DK3096741T3 (da) Fremgangsmåde til fremstillingen af hybridosomer
DK3492632T3 (da) Metoder til behandling af lithiumholdige materialer
DK3174858T3 (da) Fremgangsmåde til fremstilling af pyrazoler
DK3372584T3 (da) Fremgangsmåde til fremstillingen af en diarylthiohydantoin-forbindelse
DK3166904T3 (da) Fremgangsmåde til fremstilling af betonelementer
DE112015004474A5 (de) Optoelektronisches Bauelement
DK3359522T3 (da) Proces til fremstilling af N-Boc-bifenylalaninol
DK3233813T3 (da) Fremgangsmåder til fremstilling af oxathiazin-lignende forbindelser
DK3166927T3 (da) Fremgangsmåde til fremstilling af 4-alkoxy-3-hydroxy-picolinsyre
DK3191498T3 (da) Fremgangsmåde til fremstilling af 2'-o-fucosyllactose
DK3201346T3 (da) Fremgangsmåder til fremstilling af biopolymer-matrix kompositmaterialer
DK3177931T3 (da) Fremgangsmåde til bestemmelse af stoffers evne til at binde til analytaktive steder
DK3347307T3 (da) Fremgangsmåde til ekstraktionen af silikat
DK3137449T3 (da) Fremgangsmåder til fremstilling af substituerede cycloseriner
DK3166923T3 (da) Fremgangsmåde til fremstilling af substituerede phenylalkaner
DK3224225T3 (da) Fremgangsmåde til fremstilling af ethen
DE112015004123A5 (de) Optoelektronisches Bauteil
BR112016027556A2 (pt) métodos de preparação de um composto
DE112015002642A5 (de) Optoelektronisches Bauelement
DK3273957T3 (da) Biotin til behandling af demyeliniserende neuropatier
DK3191709T3 (da) Fremgangsmåde til produktion af elektricitet
DE112015004104A5 (de) Optoelektronisches Bauteil