KR20160145014A - 하드웨어-기반 스택 제어 정보 보호 - Google Patents
하드웨어-기반 스택 제어 정보 보호 Download PDFInfo
- Publication number
- KR20160145014A KR20160145014A KR1020167028458A KR20167028458A KR20160145014A KR 20160145014 A KR20160145014 A KR 20160145014A KR 1020167028458 A KR1020167028458 A KR 1020167028458A KR 20167028458 A KR20167028458 A KR 20167028458A KR 20160145014 A KR20160145014 A KR 20160145014A
- Authority
- KR
- South Korea
- Prior art keywords
- control information
- stack
- secured
- processor
- generate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Prevention of errors by analysis, debugging or testing of software
- G06F11/3604—Analysis of software for verifying properties of programs
- G06F11/3612—Analysis of software for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Quality & Reliability (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US14/256,681 US9390264B2 (en) | 2014-04-18 | 2014-04-18 | Hardware-based stack control information protection |
| US14/256,681 | 2014-04-18 | ||
| PCT/US2015/025685 WO2015160759A1 (en) | 2014-04-18 | 2015-04-14 | Hardware-based stack control information protection |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| KR20160145014A true KR20160145014A (ko) | 2016-12-19 |
Family
ID=53039622
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| KR1020167028458A Withdrawn KR20160145014A (ko) | 2014-04-18 | 2015-04-14 | 하드웨어-기반 스택 제어 정보 보호 |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US9390264B2 (enExample) |
| EP (1) | EP3132374A1 (enExample) |
| JP (1) | JP2017518661A (enExample) |
| KR (1) | KR20160145014A (enExample) |
| CN (1) | CN106164872A (enExample) |
| BR (1) | BR112016024245A2 (enExample) |
| WO (1) | WO2015160759A1 (enExample) |
Families Citing this family (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2993605A1 (en) * | 2014-09-02 | 2016-03-09 | Gemalto Sa | System and method for protecting a device against attacks on processing flow using a code pointer complement |
| US10248434B2 (en) * | 2015-10-27 | 2019-04-02 | Blackberry Limited | Launching an application |
| US10157268B2 (en) | 2016-09-27 | 2018-12-18 | Microsoft Technology Licensing, Llc | Return flow guard using control stack identified by processor register |
| US10360373B2 (en) * | 2016-09-28 | 2019-07-23 | Intel Corporation | Return address encryption |
| US10409981B2 (en) | 2017-04-21 | 2019-09-10 | International Business Machines Corporation | In-process stack memory protection |
| US10740452B2 (en) * | 2017-09-15 | 2020-08-11 | Arm Limited | Call path dependent authentication |
| ES2988317T3 (es) | 2018-10-18 | 2024-11-20 | Sternum Ltd | Aplicación de medidas de mitigación de seguridad para la explotación de corrupción de pila en archivos de código intermedio |
| US20200210626A1 (en) * | 2018-12-28 | 2020-07-02 | Samsung Electronics Co., Ltd. | Secure branch predictor with context-specific learned instruction target address encryption |
| CN109785537B (zh) * | 2018-12-29 | 2022-09-30 | 奇安信安全技术(珠海)有限公司 | 一种atm机的安全防护方法及装置 |
| EP4004773B1 (en) * | 2019-07-29 | 2023-09-06 | Intertrust Technologies Corporation | Systems and methods for managing state |
| WO2021034753A2 (en) * | 2019-08-16 | 2021-02-25 | The Regents Of The University Of Michigan | Thwarting control plane attacks with displaced and dilated address spaces |
| US11711201B2 (en) * | 2020-08-14 | 2023-07-25 | Intel Corporation | Encoded stack pointers |
| US12164921B2 (en) * | 2020-12-16 | 2024-12-10 | International Business Machines Corporation | Comparing hash values computed at function entry and exit for increased security |
| JP2023101334A (ja) * | 2022-01-07 | 2023-07-20 | ソニーセミコンダクタソリューションズ株式会社 | 情報処理装置および情報処理方法 |
| GB2618116B (en) * | 2022-04-28 | 2025-10-22 | Advanced Risc Mach Ltd | Exception return state lock parameter |
| GB2620125A (en) * | 2022-06-28 | 2024-01-03 | Advanced Risc Mach Ltd | Methods and apparatus for pointer security |
Family Cites Families (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7853803B2 (en) | 2001-09-28 | 2010-12-14 | Verizon Corporate Services Group Inc. | System and method for thwarting buffer overflow attacks using encrypted process pointers |
| US7752459B2 (en) | 2001-12-06 | 2010-07-06 | Novell, Inc. | Pointguard: method and system for protecting programs against pointer corruption attacks |
| US7086088B2 (en) | 2002-05-15 | 2006-08-01 | Nokia, Inc. | Preventing stack buffer overflow attacks |
| ES2524914T3 (es) * | 2003-04-25 | 2014-12-15 | Koninklijke Philips N.V. | Reducción de sobrecarga y protección de direcciones en una pila de comunicación |
| US7856538B2 (en) * | 2005-12-12 | 2010-12-21 | Systex, Inc. | Methods, systems and computer readable medium for detecting memory overflow conditions |
| US8509431B2 (en) | 2010-09-20 | 2013-08-13 | Interdigital Patent Holdings, Inc. | Identity management on a wireless device |
| DE102012203521A1 (de) | 2011-03-28 | 2012-10-04 | International Business Machines Corp. | Architektur mit zwei Vertrauenswürdigkeitsstufen |
| US8839429B2 (en) | 2011-11-07 | 2014-09-16 | Qualcomm Incorporated | Methods, devices, and systems for detecting return-oriented programming exploits |
| US8776223B2 (en) | 2012-01-16 | 2014-07-08 | Qualcomm Incorporated | Dynamic execution prevention to inhibit return-oriented programming |
| US10210349B2 (en) | 2012-02-08 | 2019-02-19 | Arm Limited | Data processing apparatus and method using secure domain and less secure domain |
| US20140173290A1 (en) * | 2012-12-17 | 2014-06-19 | Advanced Micro Devices, Inc. | Return address tracking mechanism |
| US9037872B2 (en) * | 2012-12-17 | 2015-05-19 | Advanced Micro Devices, Inc. | Hardware based return pointer encryption |
| CA2809516C (en) * | 2013-03-13 | 2016-11-08 | Khalid Nawaf Alharbi | Preventing stack buffer overflow attacks |
| US9218467B2 (en) * | 2013-05-29 | 2015-12-22 | Raytheon Cyber Products, Llc | Intra stack frame randomization for protecting applications against code injection attack |
-
2014
- 2014-04-18 US US14/256,681 patent/US9390264B2/en active Active
-
2015
- 2015-04-14 KR KR1020167028458A patent/KR20160145014A/ko not_active Withdrawn
- 2015-04-14 BR BR112016024245A patent/BR112016024245A2/pt not_active IP Right Cessation
- 2015-04-14 JP JP2016560996A patent/JP2017518661A/ja active Pending
- 2015-04-14 CN CN201580019549.8A patent/CN106164872A/zh active Pending
- 2015-04-14 EP EP15719934.0A patent/EP3132374A1/en not_active Withdrawn
- 2015-04-14 WO PCT/US2015/025685 patent/WO2015160759A1/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| EP3132374A1 (en) | 2017-02-22 |
| US9390264B2 (en) | 2016-07-12 |
| JP2017518661A (ja) | 2017-07-06 |
| US20150302195A1 (en) | 2015-10-22 |
| CN106164872A (zh) | 2016-11-23 |
| BR112016024245A2 (pt) | 2017-08-15 |
| WO2015160759A1 (en) | 2015-10-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9390264B2 (en) | Hardware-based stack control information protection | |
| US9514305B2 (en) | Code pointer authentication for hardware flow control | |
| CN111052115B (zh) | 取决于调用路径的认证的数据处理装置和方法 | |
| TWI567580B (zh) | 用於防止惡意軟體執行的方法與系統 | |
| US7853803B2 (en) | System and method for thwarting buffer overflow attacks using encrypted process pointers | |
| CN107077562B (zh) | 用于动态控制代码执行的计算机实现的方法和系统 | |
| CN103955438A (zh) | 基于硬件辅助虚拟化技术的进程内存保护方法 | |
| JP2007514994A (ja) | 耐タンパ・トラステッド仮想マシン | |
| WO2017000648A1 (zh) | 一种被加固软件的认证方法及装置 | |
| Shi et al. | InfoShield: A security architecture for protecting information usage in memory | |
| US6675297B1 (en) | Method and apparatus for generating and using a tamper-resistant encryption key | |
| CN114547651B (zh) | 一种基于链式加密的操作系统中断上下文保护方法 | |
| KR102871359B1 (ko) | 커널 기반 가상머신 환경에서의 펌웨어 업데이트 보안 시스템 및 방법 | |
| KR102871354B1 (ko) | 컨테이너 실행 바이너리 검증 시스템 및 방법 | |
| Ruan | The Engine: Safeguarding Itself before Safeguarding Others |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PA0105 | International application |
Patent event date: 20161013 Patent event code: PA01051R01D Comment text: International Patent Application |
|
| PG1501 | Laying open of application | ||
| PC1203 | Withdrawal of no request for examination |