MX2017002724A - Sistema y metodo para proteger un dispositivo contra ataques en el flujo de procesamiento utilizando un complemento indicador de codigo. - Google Patents

Sistema y metodo para proteger un dispositivo contra ataques en el flujo de procesamiento utilizando un complemento indicador de codigo.

Info

Publication number
MX2017002724A
MX2017002724A MX2017002724A MX2017002724A MX2017002724A MX 2017002724 A MX2017002724 A MX 2017002724A MX 2017002724 A MX2017002724 A MX 2017002724A MX 2017002724 A MX2017002724 A MX 2017002724A MX 2017002724 A MX2017002724 A MX 2017002724A
Authority
MX
Mexico
Prior art keywords
code pointer
protecting
processing flow
device against
against attacks
Prior art date
Application number
MX2017002724A
Other languages
English (en)
Inventor
Hannen-Williams Lance
Original Assignee
Gemalto Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto Sa filed Critical Gemalto Sa
Publication of MX2017002724A publication Critical patent/MX2017002724A/es

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

Un sistema, método y medio de almacenamiento legible por computadora con instrucciones para operar un procesador de un dispositivo electrónico para proteger contra manipulación no autorizada del indicador de código manteniendo y actualizando un complemento indicador de código contra el cual el indicador de código puede verificarse. Otros sistemas y métodos se describen.
MX2017002724A 2014-09-02 2015-08-31 Sistema y metodo para proteger un dispositivo contra ataques en el flujo de procesamiento utilizando un complemento indicador de codigo. MX2017002724A (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP14306351.9A EP2993605A1 (en) 2014-09-02 2014-09-02 System and method for protecting a device against attacks on processing flow using a code pointer complement
PCT/EP2015/069852 WO2016034537A1 (en) 2014-09-02 2015-08-31 System and method for protecting a device against attacks on processing flow using a code pointer complement

Publications (1)

Publication Number Publication Date
MX2017002724A true MX2017002724A (es) 2017-10-16

Family

ID=52272980

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2017002724A MX2017002724A (es) 2014-09-02 2015-08-31 Sistema y metodo para proteger un dispositivo contra ataques en el flujo de procesamiento utilizando un complemento indicador de codigo.

Country Status (7)

Country Link
US (1) US10552602B2 (es)
EP (2) EP2993605A1 (es)
KR (1) KR101986028B1 (es)
BR (1) BR112017003791B1 (es)
CA (1) CA2958986C (es)
MX (1) MX2017002724A (es)
WO (1) WO2016034537A1 (es)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108959071B (zh) * 2018-06-14 2021-09-24 湖南鼎源蓝剑信息科技有限公司 一种基于RASP的PHP变形webshell的检测方法及系统

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5845331A (en) * 1994-09-28 1998-12-01 Massachusetts Institute Of Technology Memory system including guarded pointers
US5930509A (en) * 1996-01-29 1999-07-27 Digital Equipment Corporation Method and apparatus for performing binary translation
US5870762A (en) * 1996-09-26 1999-02-09 Lee; Paul Error detection and recovery of database files
US7080249B1 (en) * 2000-04-25 2006-07-18 Microsoft Corporation Code integrity verification that includes one or more cycles
DE10122505A1 (de) * 2001-05-10 2002-11-14 Giesecke & Devrient Gmbh Verfahren zum Schützen eines Rechners gegen Manipulation von Registerinhalten und Rechner zum Durchführen des Verfahrens
US20040021073A1 (en) * 2002-04-12 2004-02-05 California Institute Of Technology Apparatus and method for magnetic-based manipulation of microscopic particles
US7152193B2 (en) * 2002-08-13 2006-12-19 Lsi Logic Corporation Embedded sequence checking
EP1870829B1 (en) * 2006-06-23 2014-12-03 Microsoft Corporation Securing software by enforcing data flow integrity
US8108856B2 (en) * 2007-03-30 2012-01-31 Intel Corporation Method and apparatus for adaptive integrity measurement of computer software
KR101413682B1 (ko) * 2007-04-13 2014-07-01 삼성전자주식회사 분기 명령 검증부를 구비한 중앙 처리 장치
US9378138B2 (en) * 2011-06-29 2016-06-28 International Business Machines Corporation Conservative garbage collection and access protection
US9477834B2 (en) * 2012-02-08 2016-10-25 Arm Limited Maintaining secure data isolated from non-secure access when switching between domains
US9600289B2 (en) * 2012-05-30 2017-03-21 Apple Inc. Load-store dependency predictor PC hashing
US9390264B2 (en) * 2014-04-18 2016-07-12 Qualcomm Incorporated Hardware-based stack control information protection
US20160381050A1 (en) * 2015-06-26 2016-12-29 Intel Corporation Processors, methods, systems, and instructions to protect shadow stacks
US9965619B2 (en) * 2015-07-13 2018-05-08 Intel Corporation Return address overflow buffer
TWI551984B (zh) * 2015-09-23 2016-10-01 國立交通大學 自動化探針建構系統及其方法

Also Published As

Publication number Publication date
US10552602B2 (en) 2020-02-04
WO2016034537A1 (en) 2016-03-10
KR101986028B1 (ko) 2019-06-04
CA2958986C (en) 2019-06-04
EP3195175B1 (en) 2018-08-29
CA2958986A1 (en) 2016-03-10
EP3195175A1 (en) 2017-07-26
EP2993605A1 (en) 2016-03-09
BR112017003791B1 (pt) 2023-02-23
KR20170038045A (ko) 2017-04-05
US20170242999A1 (en) 2017-08-24
BR112017003791A2 (pt) 2017-12-12

Similar Documents

Publication Publication Date Title
IL249962B (en) Malicious code protection for computer systems based on process modification
HK1256527A1 (zh) 使用諸如以時間為中心的默克爾散列樹之類的散列樹的數據驗證方法和系統
GB2558826A8 (en) Mitigation of anti-sandbox malware techniques
IL262352A (en) System and methods for validating and performing operations on homomorphically encrypted data
MX2014013295A (es) Sistemas y metodos para el procesamiento seguro con unidad criptografica incorporada.
HK1244125B (zh) 用於惡意代碼檢測的準確保證的系統及方法
IL239914A0 (en) Method and system for protecting computer systems from harmful software
MX2017004292A (es) Sistemas y metodos para proteger dispositivos de red.
EP3550720A4 (en) AIRPLANE AND UNDERVOLTAGE PROTECTION METHOD AND DEVICE FOR ELECTRONIC REGULATORS THEREOF
HK1232328A1 (zh) 用於計算裝置保護的系統和方法
EP3190765A4 (en) Sensitive information processing method, device, server and security determination system
BR112016006445A2 (pt) método para proteger mensagens de transação transitando entre um aplicativo móvel em um dispositivo móvel e um gateway (ponte de ligação), e sistema processador de transações
MX349569B (es) Sistemas y metodos de reglas a base de riesgo para control de aplicaciones.
WO2015177647A3 (en) Technologies for protecting systems and data to prevent cyber-attacks
IL244557A0 (en) A system and method for protecting a computer system from USB-related weaknesses such as cyber attacks
EP3334085A4 (en) MANAGEMENT DEVICE, MANAGEMENT SYSTEM, KEY GENERATION DEVICE, KEY GENERATION SYSTEM, KEY MANAGEMENT SYSTEM, VEHICLE, MANAGEMENT METHOD, KEY GENERATION METHOD, AND COMPUTER PROGRAM
TR201820719T4 (tr) Bi̇r şi̇fre ayarlama yöntemi̇ ve bunun i̇çi̇n bi̇r eki̇pman.
EP3213185A4 (en) Computer security system and method to protect against keystroke logging
WO2015001058A3 (en) Method and device for de-blending seismic data using source signature
EP3283996A4 (en) Software validation for untrusted computing systems
WO2016073048A3 (en) Protecting against malicious modification in cryptographic operations
EP3438864A4 (en) PROCESS AND SYSTEM FOR PROTECTING A COMPUTER FILE AGAINST POSSIBLE MALWARE ENCRYPTION
WO2016016712A3 (en) Detecting and removing injected elements from content interfaces
HK1243471A1 (zh) 用於保護鏟斗邊沿的裝置、系統和方法
ZA201906967B (en) Computer systems, computer-implemented methods and software for processing payouts