IN2014CN03071A - - Google Patents

Info

Publication number
IN2014CN03071A
IN2014CN03071A IN3071CHN2014A IN2014CN03071A IN 2014CN03071 A IN2014CN03071 A IN 2014CN03071A IN 3071CHN2014 A IN3071CHN2014 A IN 3071CHN2014A IN 2014CN03071 A IN2014CN03071 A IN 2014CN03071A
Authority
IN
India
Prior art keywords
cache
instruction
rop
code sequences
loading profile
Prior art date
Application number
Other languages
English (en)
Inventor
Daniel Komaromy
Alex Gantman
Brian M Rosenberg
Arun Balakrishnan
Renwei Ge
Gregory G Rose
Anand Palanigounder
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of IN2014CN03071A publication Critical patent/IN2014CN03071A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/3037Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a memory, e.g. virtual memory, cache
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0806Multiuser, multiprocessor or multiprocessing cache systems
    • G06F12/0811Multiuser, multiprocessor or multiprocessing cache systems with multilevel cache hierarchies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0875Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches with dedicated cache, e.g. instruction or stack
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0844Multiple simultaneous or quasi-simultaneous cache accessing
    • G06F12/0846Cache with multiple tag or data arrays being simultaneously accessible
    • G06F12/0848Partitioned cache, e.g. separate instruction and operand caches
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/45Caching of specific data in cache memory
    • G06F2212/452Instruction code

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Advance Control (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Debugging And Monitoring (AREA)
  • Measurement Of Radiation (AREA)
  • Passenger Equipment (AREA)
  • Fishing Rods (AREA)
  • Stored Programmes (AREA)
IN3071CHN2014 2011-11-07 2012-11-07 IN2014CN03071A (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/290,932 US8839429B2 (en) 2011-11-07 2011-11-07 Methods, devices, and systems for detecting return-oriented programming exploits
PCT/US2012/063953 WO2013070773A2 (en) 2011-11-07 2012-11-07 Methods, devices, and systems for detecting return-oriented programming exploits

Publications (1)

Publication Number Publication Date
IN2014CN03071A true IN2014CN03071A (de) 2015-07-31

Family

ID=47428964

Family Applications (1)

Application Number Title Priority Date Filing Date
IN3071CHN2014 IN2014CN03071A (de) 2011-11-07 2012-11-07

Country Status (6)

Country Link
US (2) US8839429B2 (de)
EP (2) EP3062259A1 (de)
JP (1) JP5944520B2 (de)
CN (1) CN103946855B (de)
IN (1) IN2014CN03071A (de)
WO (1) WO2013070773A2 (de)

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9268945B2 (en) * 2010-03-19 2016-02-23 Contrast Security, Llc Detection of vulnerabilities in computer systems
US8839429B2 (en) 2011-11-07 2014-09-16 Qualcomm Incorporated Methods, devices, and systems for detecting return-oriented programming exploits
US20130179869A1 (en) * 2012-01-10 2013-07-11 Telcordia Technologies, Inc. Adaptive Diversity for Compressible Return Oriented Programs
US9256730B2 (en) * 2012-09-07 2016-02-09 Crowdstrike, Inc. Threat detection for return oriented programming
US9177147B2 (en) * 2012-09-28 2015-11-03 Intel Corporation Protection against return oriented programming attacks
US9223979B2 (en) 2012-10-31 2015-12-29 Intel Corporation Detection of return oriented programming attacks
WO2014189510A1 (en) * 2013-05-23 2014-11-27 Intel Corporation Techniques for detecting return-oriented programming
US10310863B1 (en) * 2013-07-31 2019-06-04 Red Hat, Inc. Patching functions in use on a running computer system
US9292684B2 (en) 2013-09-06 2016-03-22 Michael Guidry Systems and methods for security in computer systems
US9465936B2 (en) 2013-11-06 2016-10-11 Bitdefender IPR Management Ltd. Systems and methods for detecting return-oriented programming (ROP) exploits
US9928110B2 (en) * 2014-03-31 2018-03-27 Cfph, Llc Resource allocation based on processor assignments
US9390264B2 (en) 2014-04-18 2016-07-12 Qualcomm Incorporated Hardware-based stack control information protection
US20160196427A1 (en) * 2014-07-08 2016-07-07 Leviathan, Inc. System and Method for Detecting Branch Oriented Programming Anomalies
US9904780B2 (en) * 2014-07-31 2018-02-27 Nec Corporation Transparent detection and extraction of return-oriented-programming attacks
US9589133B2 (en) * 2014-08-08 2017-03-07 International Business Machines Corporation Preventing return-oriented programming exploits
CN104268471B (zh) * 2014-09-10 2017-04-26 珠海市君天电子科技有限公司 一种检测面向返程的编程攻击的方法及装置
EP2996034B1 (de) * 2014-09-11 2018-08-15 Nxp B.V. Ausführungsflussschutz in Mikrocontrollern
US9519773B2 (en) * 2014-09-12 2016-12-13 Intel Corporation Returning to a control transfer instruction
WO2016041592A1 (en) * 2014-09-17 2016-03-24 Irdeto B.V. Generating and executing protected items of software
US9465938B2 (en) * 2014-09-22 2016-10-11 Qualcomm Incorporated Integrated circuit and method for detection of malicious code in a first level instruction cache
US9501637B2 (en) * 2014-09-26 2016-11-22 Intel Corporation Hardware shadow stack support for legacy guests
US9646154B2 (en) * 2014-12-12 2017-05-09 Microsoft Technology Licensing, Llc Return oriented programming (ROP) attack protection
US9940484B2 (en) * 2014-12-23 2018-04-10 Intel Corporation Techniques for detecting false positive return-oriented programming attacks
CN104732139A (zh) * 2015-02-04 2015-06-24 深圳市中兴移动通信有限公司 一种内存监控方法及终端
SG10201500921QA (en) * 2015-02-06 2016-09-29 Huawei Internat Pte Ltd Method for obfuscation of code using return oriented programming
US9842209B2 (en) * 2015-05-08 2017-12-12 Mcafee, Llc Hardened event counters for anomaly detection
SG10201504066QA (en) * 2015-05-25 2016-12-29 Huawei Internat Pte Ltd Method and system for defense against return oriented programming (rop) based attacks
WO2017030805A1 (en) 2015-08-18 2017-02-23 The Trustees Of Columbia University In The City Of New York Inhibiting memory disclosure attacks using destructive code reads
US10019572B1 (en) * 2015-08-27 2018-07-10 Amazon Technologies, Inc. Detecting malicious activities by imported software packages
US10032031B1 (en) 2015-08-27 2018-07-24 Amazon Technologies, Inc. Detecting unknown software vulnerabilities and system compromises
US10282224B2 (en) 2015-09-22 2019-05-07 Qualcomm Incorporated Dynamic register virtualization
US20170091454A1 (en) * 2015-09-25 2017-03-30 Vadim Sukhomlinov Lbr-based rop/jop exploit detection
US9576138B1 (en) * 2015-09-30 2017-02-21 International Business Machines Corporation Mitigating ROP attacks
US9767292B2 (en) 2015-10-11 2017-09-19 Unexploitable Holdings Llc Systems and methods to identify security exploits by generating a type based self-assembling indirect control flow graph
US10437998B2 (en) * 2015-10-26 2019-10-08 Mcafee, Llc Hardware heuristic-driven binary translation-based execution analysis for return-oriented programming malware detection
US10419423B2 (en) 2015-10-30 2019-09-17 Mcafee, Llc Techniques for identification of location of relevant fields in a credential-seeking web page
EP3404572B1 (de) * 2016-02-24 2020-09-23 Nippon Telegraph And Telephone Corporation Angriffscodedetektionsvorrichtung, angriffscodedetektionsverfahren und angriffscodedetektionsprogramm
US10423792B2 (en) 2016-09-23 2019-09-24 Red Hat, Inc. Identifying exploitable code sequences
US10437990B2 (en) 2016-09-30 2019-10-08 Mcafee, Llc Detection of return oriented programming attacks in a processor
US10489592B1 (en) * 2017-03-21 2019-11-26 Symantec Corporation Creating an execution safety container for unreliable exploits
DE102017124805B4 (de) * 2017-10-24 2019-05-29 Infineon Technologies Ag Speicheranordnung und verfahren zum zwischenspeichern von speicherinhalten
CN112395598B (zh) * 2019-08-15 2024-04-19 奇安信安全技术(珠海)有限公司 指令执行序列被破坏的防护方法、装置及设备
US11743513B2 (en) * 2020-10-27 2023-08-29 Akamai Technologies, Inc. Measuring and improving origin offload and resource utilization in caching systems

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5956477A (en) * 1996-11-25 1999-09-21 Hewlett-Packard Company Method for processing information in a microprocessor to facilitate debug and performance monitoring
US6047363A (en) * 1997-10-14 2000-04-04 Advanced Micro Devices, Inc. Prefetching data using profile of cache misses from earlier code executions
US6134710A (en) 1998-06-26 2000-10-17 International Business Machines Corp. Adaptive method and system to minimize the effect of long cache misses
EP1331539B1 (de) 2002-01-16 2016-09-28 Texas Instruments France Sicherer Modus für Prozessoren, die Speicherverwaltung und Unterbrechungen unterstützen
US7086088B2 (en) * 2002-05-15 2006-08-01 Nokia, Inc. Preventing stack buffer overflow attacks
US7954102B2 (en) 2002-11-13 2011-05-31 Fujitsu Limited Scheduling method in multithreading processor, and multithreading processor
WO2004044745A1 (ja) * 2002-11-13 2004-05-27 Fujitsu Limited マルチスレッディングプロセッサにおけるスケジューリング方法およびマルチスレッディングプロセッサ
GB0226875D0 (en) * 2002-11-18 2002-12-24 Advanced Risc Mach Ltd Control of access to a memory by a device
US7134029B2 (en) 2003-11-06 2006-11-07 International Business Machines Corporation Computer-component power-consumption monitoring and control
US7392370B2 (en) 2004-01-14 2008-06-24 International Business Machines Corporation Method and apparatus for autonomically initiating measurement of secondary metrics based on hardware counter values for primary metrics
KR100586500B1 (ko) 2004-03-18 2006-06-07 학교법인고려중앙학원 버퍼 오버플로우 공격들을 감지하고 복구하는 방법 및 그장치
FR2877118B1 (fr) * 2004-10-22 2007-01-19 Oberthur Card Syst Sa Protection contre les attaques par generation de fautes sur les instructions de saut
US7730531B2 (en) 2005-04-15 2010-06-01 Microsoft Corporation System and method for detection of artificially generated system load
US7818747B1 (en) 2005-11-03 2010-10-19 Oracle America, Inc. Cache-aware scheduling for a chip multithreading processor
US20070150881A1 (en) * 2005-12-22 2007-06-28 Motorola, Inc. Method and system for run-time cache logging
JP4915774B2 (ja) 2006-03-15 2012-04-11 株式会社日立製作所 ストレージシステム及びストレージシステムの制御方法
US20080263324A1 (en) 2006-08-10 2008-10-23 Sehat Sutardja Dynamic core switching
US8447962B2 (en) * 2009-12-22 2013-05-21 Intel Corporation Gathering and scattering multiple data elements
JP2009217385A (ja) * 2008-03-07 2009-09-24 Toshiba Corp プロセッサ及びマルチプロセッサ
US8490061B2 (en) * 2009-05-07 2013-07-16 International Business Machines Corporation Profiling application performance according to data structure
US8689201B2 (en) * 2010-01-27 2014-04-01 Telcordia Technologies, Inc. Automated diversity using return oriented programming
CN101924761B (zh) 2010-08-18 2013-11-06 北京奇虎科技有限公司 一种依据白名单进行恶意程序检测的方法
US8997218B2 (en) * 2010-12-22 2015-03-31 F-Secure Corporation Detecting a return-oriented programming exploit
US8839429B2 (en) 2011-11-07 2014-09-16 Qualcomm Incorporated Methods, devices, and systems for detecting return-oriented programming exploits

Also Published As

Publication number Publication date
CN103946855A (zh) 2014-07-23
US20140372701A1 (en) 2014-12-18
US9262627B2 (en) 2016-02-16
EP2776971B1 (de) 2019-01-16
CN103946855B (zh) 2017-03-08
WO2013070773A2 (en) 2013-05-16
WO2013070773A3 (en) 2013-12-12
US8839429B2 (en) 2014-09-16
EP2776971A2 (de) 2014-09-17
US20130117843A1 (en) 2013-05-09
JP5944520B2 (ja) 2016-07-05
EP3062259A1 (de) 2016-08-31
JP2014532944A (ja) 2014-12-08

Similar Documents

Publication Publication Date Title
IN2014CN03071A (de)
GB201305036D0 (en) Method and apparatus for reducing power consumption in a processor by powering down an instruction fetch unit
EP2581834A4 (de) Multikernprozessorsystem, steuerungsverfahren für zwischenspeicherkohärenz und steuerprogramm für zwischenspeicherkohärenz
GB201319170D0 (en) Malware detection
GB201213318D0 (en) Managing a register cache based on an architected computer instruction set
GB201303300D0 (en) Data Processing
WO2012135192A3 (en) System and method for virtual machine monitor based anti-malware security
BR112013003596A2 (pt) aparelho de processamento de informações e sistema de processamento de informações
BRPI0906424A2 (pt) recurso de atributo de cache extraído e instrução consequente
EP2746954A3 (de) Verfahren und System zum Einfügen von Zwischenspeicherblöcken
GB2499168B (en) Cache coherency control method, system, and program
WO2014118788A3 (en) Early warning system and/or optical monitoring of livestock including poultry
WO2018132269A3 (en) Efficient breakpoint detection via caches
IN2015DN01261A (de)
DE602004007913D1 (de) Verfahren und vorrichtungen zur stride-profilierung einer softwareanwendung
BR112015003676A2 (pt) sistema, sistema para previsão de uma identidade de um veículo detectado por múltiplos sensores e método para monitoramento de veículo
WO2013148440A3 (en) Managing coherent memory between an accelerated processing device and a central processing unit
GB2519017A (en) Next instruction access intent instruction
MX2012005122A (es) Sistemas y metodos para la deteccion de fugas de refrigerante.
IN2014CN02619A (de)
GB2494331A (en) Hardware assist thread
WO2012100257A3 (en) Apparatus, system, and method for destaging cached data
IN2012DN02977A (de)
GB201211273D0 (en) Multilevel cache system
MY163087A (en) Energy consumption monitoring system,method, and computer program