RU2009115656A - Виртуализация для диверсифицированной защиты от несанкционированного вмешательства - Google Patents
Виртуализация для диверсифицированной защиты от несанкционированного вмешательства Download PDFInfo
- Publication number
- RU2009115656A RU2009115656A RU2009115656/08A RU2009115656A RU2009115656A RU 2009115656 A RU2009115656 A RU 2009115656A RU 2009115656/08 A RU2009115656/08 A RU 2009115656/08A RU 2009115656 A RU2009115656 A RU 2009115656A RU 2009115656 A RU2009115656 A RU 2009115656A
- Authority
- RU
- Russia
- Prior art keywords
- program
- copies
- instructions
- diversified
- optionally
- Prior art date
Links
- 239000012634 fragment Substances 0.000 claims 1
- 230000007704 transition Effects 0.000 claims 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Devices For Executing Special Programs (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
- Adjustable Resistors (AREA)
Abstract
1. Компьютерно-реализуемый способ, содержащий этапы, на которых: ! предоставляют архитектуру (200) набора команд, которая содержит признаки для формирования диверсифицированных копий программы; ! используют архитектуру набора для формирования диверсифицированных копий программы (150); и ! предоставляют виртуальную машину (170) для выполнения одной из диверсифицированных копий программы. ! 2. Способ по п.1, в котором предоставление виртуальной машины содержит этап, на котором формируют динамически подключаемую библиотеку (172) виртуальной машины. ! 3. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы содержат семантику (510) команд, которая предусматривает условное выполнение (512), используя предикативные регистры (513). ! 4. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы содержат семантику (510) команд с ограниченным набором (514) команд, причем, необязательно, ограниченный набор команд не включает в себя команду (515) "пустая операция", причем, необязательно, ограниченный набор команд имеет ограниченное представление операндов (516), и причем, необязательно, ограниченный набора команд ограничивает, по меньшей мере, некоторые условные ветвления (517). ! 5. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы, содержат кодирование (520) команд для переменных размеров (522) команд, причем, необязательно, признаки для формирования диверсифицированных копий программы содержат кодирование команд для назначения кода операций с помощью унарного кодирования, чтобы представлять физическое совмещение (524), причем, необязательно, призна�
Claims (10)
1. Компьютерно-реализуемый способ, содержащий этапы, на которых:
предоставляют архитектуру (200) набора команд, которая содержит признаки для формирования диверсифицированных копий программы;
используют архитектуру набора для формирования диверсифицированных копий программы (150); и
предоставляют виртуальную машину (170) для выполнения одной из диверсифицированных копий программы.
2. Способ по п.1, в котором предоставление виртуальной машины содержит этап, на котором формируют динамически подключаемую библиотеку (172) виртуальной машины.
3. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы содержат семантику (510) команд, которая предусматривает условное выполнение (512), используя предикативные регистры (513).
4. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы содержат семантику (510) команд с ограниченным набором (514) команд, причем, необязательно, ограниченный набор команд не включает в себя команду (515) "пустая операция", причем, необязательно, ограниченный набор команд имеет ограниченное представление операндов (516), и причем, необязательно, ограниченный набора команд ограничивает, по меньшей мере, некоторые условные ветвления (517).
5. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы, содержат кодирование (520) команд для переменных размеров (522) команд, причем, необязательно, признаки для формирования диверсифицированных копий программы содержат кодирование команд для назначения кода операций с помощью унарного кодирования, чтобы представлять физическое совмещение (524), причем, необязательно, признаки для формирования диверсифицированных копий программы содержат кодирование команд для того, чтобы представить переменную битовую комбинацию для кода операции для команды (527), причем, необязательно, признаки для формирования диверсифицированных копий программы содержат кодирование команд для того, чтобы назначать битовую комбинацию на основе предшествующего выполнения кода (528) операции, и причем, необязательно, признаки для формирования диверсифицированных копий программы содержат кодирование команд для того, чтобы перераспределить структуру (529) декодирования, чтобы таким образом разрешить переход к точке в программе по двум или больше путям выполнения, при этом назначенный смысл битовой комбинации в точке зависит от пути выполнения до точки.
6. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы содержат один или более фильтров (542) цикла выборки, причем, необязательно, один или более фильтров (542) цикла выборки содержат фильтр, который добавляет информацию к запрошенному биту или битам кода (543), причем, необязательно, информация содержит случайное значение (544), причем, необязательно, информация содержит значение программного счетчика (545) или информацию, по меньшей мере, частично на основе значения программного счетчика.
7. Способ по п.1, в котором признаки для формирования диверсифицированных копий программы содержат, по меньшей мере, одну структуру, выбранную из группы (550), состоящей из расходящихся деревьев, связных списков и хэш-таблиц, чтобы представлять программу.
8. Компьютерно-реализуемый способ, содержащий этапы, на которых:
предоставляют код, который предназначается для виртуальной машины (110); и
формируют диверсифицированную виртуальную машину посредством комбинирования фрагментов кода из различных местоположений и некоторого автоформируемого кода для компоновки представления управляемого кода для реализации виртуальной машины или вывести DLL (170) диверсифицированной виртуальной машины.
9. Способ повышения уровня защиты (105) программного обеспечения, при этом способ содержит этапы, на которых:
предоставляют базовый уровень виртуализации, который содержит набор команд; и
предоставляют один или более дополнительных уровней виртуализации, при этом, по меньшей мере, один из одного или более дополнительных уровней виртуализации виртуализирует набор команд базового уровня виртуализации.
10. Способ по п.9, дополнительно содержащий этапы, на которых:
формируют индивидуализированные копии программного кода (150); и
предоставляют виртуальную машину (170) для выполнения индивидуализированной копии программного кода, при этом виртуальная машина может изменять работу программы в среде выполнения.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/553,841 US8584109B2 (en) | 2006-10-27 | 2006-10-27 | Virtualization for diversified tamper resistance |
US11/553,841 | 2006-10-27 |
Publications (2)
Publication Number | Publication Date |
---|---|
RU2009115656A true RU2009115656A (ru) | 2010-10-27 |
RU2458394C2 RU2458394C2 (ru) | 2012-08-10 |
Family
ID=39495793
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
RU2009115656/08A RU2458394C2 (ru) | 2006-10-27 | 2007-10-16 | Виртуализация для диверсифицированной защиты от несанкционированного вмешательства |
Country Status (16)
Country | Link |
---|---|
US (2) | US8584109B2 (ru) |
EP (1) | EP2076863B1 (ru) |
JP (1) | JP5302202B2 (ru) |
KR (1) | KR101440646B1 (ru) |
CN (1) | CN101529436B (ru) |
AU (1) | AU2007349213B2 (ru) |
BR (1) | BRPI0716471A2 (ru) |
CA (1) | CA2662558C (ru) |
ES (1) | ES2675371T3 (ru) |
IL (1) | IL197361A0 (ru) |
MX (1) | MX2009003342A (ru) |
MY (1) | MY151697A (ru) |
NO (1) | NO344529B1 (ru) |
RU (1) | RU2458394C2 (ru) |
TW (1) | TWI431500B (ru) |
WO (1) | WO2008115279A2 (ru) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
RU2620712C2 (ru) * | 2012-01-09 | 2017-05-29 | Конинклейке Филипс Н.В. | Устройство виртуальной машины, имеющее управляемую ключом обфускацию, и способ |
Families Citing this family (120)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8584109B2 (en) | 2006-10-27 | 2013-11-12 | Microsoft Corporation | Virtualization for diversified tamper resistance |
US20080184019A1 (en) * | 2007-01-30 | 2008-07-31 | International Business Machines Corporation | Method for embedding short rare code sequences in hot code without branch-arounds |
KR100922862B1 (ko) * | 2007-11-14 | 2009-10-20 | 성균관대학교산학협력단 | 명령어의 부호화를 통한 시스템 보안방법 |
WO2009108245A2 (en) * | 2007-12-21 | 2009-09-03 | University Of Virginia Patent Foundation | System, method and computer program product for protecting software via continuous anti-t ampering and obfuscation transforms |
US8819647B2 (en) * | 2008-01-25 | 2014-08-26 | International Business Machines Corporation | Performance improvements for nested virtual machines |
US8261254B2 (en) * | 2008-03-31 | 2012-09-04 | Symantec Corporation | Dynamic insertion and removal of virtual software sub-layers |
JP5151722B2 (ja) * | 2008-06-20 | 2013-02-27 | ソニー株式会社 | データ処理装置およびその方法、並びにプログラム |
US8434073B1 (en) * | 2008-11-03 | 2013-04-30 | Symantec Corporation | Systems and methods for preventing exploitation of byte sequences that violate compiler-generated alignment |
US8387031B2 (en) * | 2009-01-23 | 2013-02-26 | International Business Machines Corporation | Providing code improvements for nested virtual machines |
KR100985074B1 (ko) * | 2009-02-05 | 2010-10-04 | 주식회사 안철수연구소 | 선별적 가상화를 이용한 악성 코드 사전 차단 장치, 방법 및 그 방법을 실행하는 프로그램이 기록된 컴퓨터로 읽을 수 있는 기록매체 |
US20110099439A1 (en) * | 2009-10-23 | 2011-04-28 | Infineon Technologies Ag | Automatic diverse software generation for use in high integrity systems |
US20110208948A1 (en) * | 2010-02-23 | 2011-08-25 | Infineon Technologies Ag | Reading to and writing from peripherals with temporally separated redundant processor execution |
WO2011116446A1 (en) * | 2010-03-24 | 2011-09-29 | Irdeto Canada Corporation | System and method for random algorithm selection to dynamically conceal the operation of software |
JP5549810B2 (ja) * | 2010-06-25 | 2014-07-16 | 日本電気株式会社 | プログラム難読化装置、プログラム制御装置、プログラム難読化方法及びプログラム |
EP2598987B1 (en) * | 2010-07-29 | 2019-03-06 | Irdeto B.V. | System and method for efficiently deploying massively diverse program instances to resist differential attacks |
CN101944042A (zh) * | 2010-09-01 | 2011-01-12 | 深圳市拜特科技股份有限公司 | 一种Java程序的运行方法及电子终端 |
US9047101B2 (en) * | 2010-12-06 | 2015-06-02 | Google Inc. | Method for compiling an intermediate code of an application |
EP2482184A1 (en) * | 2011-02-01 | 2012-08-01 | Irdeto B.V. | Adaptive obfuscated virtual machine |
CN102231180B (zh) * | 2011-07-30 | 2014-05-28 | 张鹏 | 处理器指令编码可重定义的方法 |
US8533836B2 (en) | 2012-01-13 | 2013-09-10 | Accessdata Group, Llc | Identifying software execution behavior |
US8959577B2 (en) * | 2012-04-13 | 2015-02-17 | Cisco Technology, Inc. | Automatic curation and modification of virtualized computer programs |
JP6133409B2 (ja) * | 2012-05-25 | 2017-05-24 | コーニンクレッカ フィリップス エヌ ヴェKoninklijke Philips N.V. | プログラムのリバースエンジニアリング及び/又は改竄に対する保護のための方法、システム及び装置 |
US9436474B2 (en) * | 2012-07-27 | 2016-09-06 | Microsoft Technology Licensing, Llc | Lock free streaming of executable code data |
CN102855139B (zh) * | 2012-08-10 | 2015-04-22 | 浙江省电力公司电力科学研究院 | 一种反编译数据流分析中的寄存器清除方法及系统 |
CN103685399B (zh) | 2012-09-17 | 2018-03-23 | 腾讯科技(深圳)有限公司 | 一种登录类Unix虚拟容器的方法、装置和系统 |
US9336370B2 (en) * | 2012-12-06 | 2016-05-10 | Apple Inc. | Method and apparatus for dynamic obfuscation of static data |
US9560014B2 (en) * | 2013-01-23 | 2017-01-31 | Mcafee, Inc. | System and method for an endpoint hardware assisted network firewall in a security environment |
US9116712B2 (en) * | 2013-02-28 | 2015-08-25 | Microsoft Technology Licensing, Llc | Compile based obfuscation |
KR101500512B1 (ko) * | 2013-05-15 | 2015-03-18 | 소프트캠프(주) | 데이터 프로세싱 시스템 보안 장치와 보안방법 |
KR101500714B1 (ko) * | 2013-05-15 | 2015-03-10 | 주식회사 코스콤 | 시스템의 지연 방지 방법 및 그 시스템 |
WO2014210277A1 (en) | 2013-06-28 | 2014-12-31 | The Trustees Of Columbia University In The City Of New York | Diversified instruction set processing to enhance security |
US9250937B1 (en) * | 2013-11-06 | 2016-02-02 | The Regents Of The University Of California | Code randomization for just-in-time compilers |
US9223995B1 (en) * | 2013-12-10 | 2015-12-29 | Progress Software Corporation | Semantic obfuscation of data in real time |
WO2015149214A1 (en) * | 2014-03-31 | 2015-10-08 | Irdeto B.V. | Method, apparatus, and computer-readable medium for obfuscating execution of application on virtual machine |
RU2568282C2 (ru) * | 2014-04-18 | 2015-11-20 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ обеспечения отказоустойчивости антивирусной защиты, реализуемой в виртуальной среде |
US9323556B2 (en) | 2014-09-30 | 2016-04-26 | Amazon Technologies, Inc. | Programmatic event detection and message generation for requests to execute program code |
US9715402B2 (en) | 2014-09-30 | 2017-07-25 | Amazon Technologies, Inc. | Dynamic code deployment and versioning |
US9146764B1 (en) | 2014-09-30 | 2015-09-29 | Amazon Technologies, Inc. | Processing event messages for user requests to execute program code |
US9600312B2 (en) | 2014-09-30 | 2017-03-21 | Amazon Technologies, Inc. | Threading as a service |
US10048974B1 (en) | 2014-09-30 | 2018-08-14 | Amazon Technologies, Inc. | Message-based computation request scheduling |
US9830193B1 (en) | 2014-09-30 | 2017-11-28 | Amazon Technologies, Inc. | Automatic management of low latency computational capacity |
US9678773B1 (en) | 2014-09-30 | 2017-06-13 | Amazon Technologies, Inc. | Low latency computational capacity provisioning |
US9537788B2 (en) | 2014-12-05 | 2017-01-03 | Amazon Technologies, Inc. | Automatic determination of resource sizing |
US9733967B2 (en) | 2015-02-04 | 2017-08-15 | Amazon Technologies, Inc. | Security protocols for low latency execution of program code |
US9588790B1 (en) | 2015-02-04 | 2017-03-07 | Amazon Technologies, Inc. | Stateful virtual compute system |
CN104680042B (zh) * | 2015-03-10 | 2017-10-24 | 北京深思数盾科技股份有限公司 | 一种虚拟机性能分析的方法及系统 |
US9930103B2 (en) | 2015-04-08 | 2018-03-27 | Amazon Technologies, Inc. | Endpoint management system providing an application programming interface proxy service |
US9785476B2 (en) | 2015-04-08 | 2017-10-10 | Amazon Technologies, Inc. | Endpoint management system and virtual compute system |
CN105046117A (zh) * | 2015-06-30 | 2015-11-11 | 西北大学 | 一种具有指令集随机化的代码虚拟化软件保护系统 |
CN105045605B (zh) * | 2015-08-28 | 2019-05-24 | 成都卫士通信息产业股份有限公司 | 一种将dll注入目标进程的方法和系统 |
US9811434B1 (en) | 2015-12-16 | 2017-11-07 | Amazon Technologies, Inc. | Predictive management of on-demand code execution |
US10754701B1 (en) | 2015-12-16 | 2020-08-25 | Amazon Technologies, Inc. | Executing user-defined code in response to determining that resources expected to be utilized comply with resource restrictions |
US10067801B1 (en) | 2015-12-21 | 2018-09-04 | Amazon Technologies, Inc. | Acquisition and maintenance of compute capacity |
US9910713B2 (en) | 2015-12-21 | 2018-03-06 | Amazon Technologies, Inc. | Code execution request routing |
CN106960141A (zh) * | 2016-01-08 | 2017-07-18 | 阿里巴巴集团控股有限公司 | 虚拟机指令的编码、解码方法及装置、虚拟机保护系统 |
US10891145B2 (en) | 2016-03-30 | 2021-01-12 | Amazon Technologies, Inc. | Processing pre-existing data sets at an on demand code execution environment |
US11132213B1 (en) | 2016-03-30 | 2021-09-28 | Amazon Technologies, Inc. | Dependency-based process of pre-existing data sets at an on demand code execution environment |
EP3246837A1 (en) * | 2016-05-19 | 2017-11-22 | SFNT Germany GmbH | Method to generate special purpose virtual machines |
US10102040B2 (en) | 2016-06-29 | 2018-10-16 | Amazon Technologies, Inc | Adjusting variable limit on concurrent code executions |
US10296331B2 (en) * | 2016-07-12 | 2019-05-21 | International Business Machines Corporation | Log-based software porting |
US10162605B2 (en) * | 2016-07-20 | 2018-12-25 | Microsoft Technology Licensing, Llc | Code snippet content recommendation to define an object literal |
EP3437011B1 (en) | 2016-07-28 | 2020-12-16 | Hewlett-Packard Development Company, L.P. | Code package variants |
US10884787B1 (en) | 2016-09-23 | 2021-01-05 | Amazon Technologies, Inc. | Execution guarantees in an on-demand network code execution system |
US11119813B1 (en) | 2016-09-30 | 2021-09-14 | Amazon Technologies, Inc. | Mapreduce implementation using an on-demand network code execution system |
US10325148B2 (en) * | 2016-09-30 | 2019-06-18 | Wipro Limited | Method and a system for optical character recognition |
US11017125B2 (en) * | 2016-12-13 | 2021-05-25 | University Of Florida Research Foundation, Incorporated | Uniquified FPGA virtualization approach to hardware security |
US10303861B2 (en) * | 2017-01-26 | 2019-05-28 | Immunant, Inc. | Software diversification in external contexts |
RU2638000C1 (ru) | 2017-02-08 | 2017-12-08 | Акционерное общество "Лаборатория Касперского" | Способ контроля системы исполнения программируемого логического контроллера |
EP3586229A4 (en) * | 2017-02-21 | 2020-12-23 | Privacy Software Solutions Ltd. | METHOD AND SYSTEM FOR GENERATING MULTIPLE MOBILE TELEPHONE ENVIRONMENTS AND PAYMENTS ON A SINGLE HANDSET WITH A SINGLE SIM CARD |
US10564946B1 (en) | 2017-12-13 | 2020-02-18 | Amazon Technologies, Inc. | Dependency handling in an on-demand network code execution system |
US10733085B1 (en) | 2018-02-05 | 2020-08-04 | Amazon Technologies, Inc. | Detecting impedance mismatches due to cross-service calls |
US10831898B1 (en) | 2018-02-05 | 2020-11-10 | Amazon Technologies, Inc. | Detecting privilege escalations in code including cross-service calls |
US10725752B1 (en) | 2018-02-13 | 2020-07-28 | Amazon Technologies, Inc. | Dependency handling in an on-demand network code execution system |
US10776091B1 (en) | 2018-02-26 | 2020-09-15 | Amazon Technologies, Inc. | Logging endpoint in an on-demand code execution system |
US10853115B2 (en) | 2018-06-25 | 2020-12-01 | Amazon Technologies, Inc. | Execution of auxiliary functions in an on-demand network code execution system |
US10649749B1 (en) | 2018-06-26 | 2020-05-12 | Amazon Technologies, Inc. | Cross-environment application of tracing information for improved code execution |
US11146569B1 (en) | 2018-06-28 | 2021-10-12 | Amazon Technologies, Inc. | Escalation-resistant secure network services using request-scoped authentication information |
US10949237B2 (en) | 2018-06-29 | 2021-03-16 | Amazon Technologies, Inc. | Operating system customization in an on-demand network code execution system |
US11099870B1 (en) | 2018-07-25 | 2021-08-24 | Amazon Technologies, Inc. | Reducing execution times in an on-demand network code execution system using saved machine states |
CA3106251A1 (en) * | 2018-08-28 | 2020-03-05 | Digital Immunity, Inc. | Non-disruptive mitigation of malware attacks |
US11243953B2 (en) | 2018-09-27 | 2022-02-08 | Amazon Technologies, Inc. | Mapreduce implementation in an on-demand network code execution system and stream data processing system |
US11099917B2 (en) | 2018-09-27 | 2021-08-24 | Amazon Technologies, Inc. | Efficient state maintenance for execution environments in an on-demand code execution system |
EP3884412A1 (en) | 2018-11-19 | 2021-09-29 | Secure Micro Ltd | Computer implemented method |
US11943093B1 (en) | 2018-11-20 | 2024-03-26 | Amazon Technologies, Inc. | Network connection recovery after virtual machine transition in an on-demand network code execution system |
US10884812B2 (en) | 2018-12-13 | 2021-01-05 | Amazon Technologies, Inc. | Performance-based hardware emulation in an on-demand network code execution system |
US11010188B1 (en) | 2019-02-05 | 2021-05-18 | Amazon Technologies, Inc. | Simulated data object storage using on-demand computation of data objects |
US11861386B1 (en) | 2019-03-22 | 2024-01-02 | Amazon Technologies, Inc. | Application gateways in an on-demand network code execution system |
US11119809B1 (en) | 2019-06-20 | 2021-09-14 | Amazon Technologies, Inc. | Virtualization-based transaction handling in an on-demand network code execution system |
US11159528B2 (en) | 2019-06-28 | 2021-10-26 | Amazon Technologies, Inc. | Authentication to network-services using hosted authentication information |
US11190609B2 (en) | 2019-06-28 | 2021-11-30 | Amazon Technologies, Inc. | Connection pooling for scalable network services |
US11115404B2 (en) | 2019-06-28 | 2021-09-07 | Amazon Technologies, Inc. | Facilitating service connections in serverless code executions |
CN110430209B (zh) * | 2019-08-13 | 2021-12-14 | 中科天御(苏州)科技有限公司 | 一种基于动态多样化的工控系统安全防御方法及装置 |
US11106477B2 (en) | 2019-09-27 | 2021-08-31 | Amazon Technologies, Inc. | Execution of owner-specified code during input/output path to object storage service |
US11386230B2 (en) | 2019-09-27 | 2022-07-12 | Amazon Technologies, Inc. | On-demand code obfuscation of data in input path of object storage service |
US11550944B2 (en) | 2019-09-27 | 2023-01-10 | Amazon Technologies, Inc. | Code execution environment customization system for object storage service |
US11023311B2 (en) | 2019-09-27 | 2021-06-01 | Amazon Technologies, Inc. | On-demand code execution in input path of data uploaded to storage service in multiple data portions |
US11394761B1 (en) | 2019-09-27 | 2022-07-19 | Amazon Technologies, Inc. | Execution of user-submitted code on a stream of data |
US11263220B2 (en) | 2019-09-27 | 2022-03-01 | Amazon Technologies, Inc. | On-demand execution of object transformation code in output path of object storage service |
US10996961B2 (en) | 2019-09-27 | 2021-05-04 | Amazon Technologies, Inc. | On-demand indexing of data in input path of object storage service |
US11023416B2 (en) | 2019-09-27 | 2021-06-01 | Amazon Technologies, Inc. | Data access control system for object storage service based on owner-defined code |
US10908927B1 (en) | 2019-09-27 | 2021-02-02 | Amazon Technologies, Inc. | On-demand execution of object filter code in output path of object storage service |
US11416628B2 (en) | 2019-09-27 | 2022-08-16 | Amazon Technologies, Inc. | User-specific data manipulation system for object storage service based on user-submitted code |
US11360948B2 (en) | 2019-09-27 | 2022-06-14 | Amazon Technologies, Inc. | Inserting owner-specified data processing pipelines into input/output path of object storage service |
US11250007B1 (en) | 2019-09-27 | 2022-02-15 | Amazon Technologies, Inc. | On-demand execution of object combination code in output path of object storage service |
US11055112B2 (en) | 2019-09-27 | 2021-07-06 | Amazon Technologies, Inc. | Inserting executions of owner-specified code into input/output path of object storage service |
US11656892B1 (en) | 2019-09-27 | 2023-05-23 | Amazon Technologies, Inc. | Sequential execution of user-submitted code and native functions |
US11119826B2 (en) | 2019-11-27 | 2021-09-14 | Amazon Technologies, Inc. | Serverless call distribution to implement spillover while avoiding cold starts |
US10942795B1 (en) | 2019-11-27 | 2021-03-09 | Amazon Technologies, Inc. | Serverless call distribution to utilize reserved capacity without inhibiting scaling |
CN113031930B (zh) * | 2019-12-24 | 2022-07-05 | 武汉斗鱼鱼乐网络科技有限公司 | 一种控制流平坦化的源代码混淆生成方法及装置 |
US11714682B1 (en) | 2020-03-03 | 2023-08-01 | Amazon Technologies, Inc. | Reclaiming computing resources in an on-demand code execution system |
US11188391B1 (en) | 2020-03-11 | 2021-11-30 | Amazon Technologies, Inc. | Allocating resources to on-demand code executions under scarcity conditions |
CN111314377B (zh) * | 2020-03-17 | 2023-04-07 | 中科天御(苏州)科技有限公司 | 一种工控终端动态多样化云安全方法及系统 |
US11775640B1 (en) | 2020-03-30 | 2023-10-03 | Amazon Technologies, Inc. | Resource utilization-based malicious task detection in an on-demand code execution system |
US11593270B1 (en) | 2020-11-25 | 2023-02-28 | Amazon Technologies, Inc. | Fast distributed caching using erasure coded object parts |
US11550713B1 (en) | 2020-11-25 | 2023-01-10 | Amazon Technologies, Inc. | Garbage collection in distributed systems using life cycled storage roots |
KR102305845B1 (ko) | 2020-12-21 | 2021-09-29 | 쿠팡 주식회사 | 코드의 검증을 위한 전자 장치 및 그 방법 |
US11388210B1 (en) | 2021-06-30 | 2022-07-12 | Amazon Technologies, Inc. | Streaming analytics using a serverless compute system |
US11968280B1 (en) | 2021-11-24 | 2024-04-23 | Amazon Technologies, Inc. | Controlling ingestion of streaming data to serverless function executions |
US12015603B2 (en) | 2021-12-10 | 2024-06-18 | Amazon Technologies, Inc. | Multi-tenant mode for serverless code execution |
CN114707124B (zh) * | 2022-03-22 | 2022-11-29 | 广东技术师范大学 | 基于代码虚拟化的.net平台代码保护方法和系统 |
Family Cites Families (56)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6006328A (en) * | 1995-07-14 | 1999-12-21 | Christopher N. Drake | Computer software authentication, protection, and security system |
US6151618A (en) * | 1995-12-04 | 2000-11-21 | Microsoft Corporation | Safe general purpose virtual machine computing system |
US6049863A (en) * | 1996-07-24 | 2000-04-11 | Advanced Micro Devices, Inc. | Predecoding technique for indicating locations of opcode bytes in variable byte-length instructions within a superscalar microprocessor |
EP1019794B1 (en) * | 1997-10-02 | 2008-08-20 | Koninklijke Philips Electronics N.V. | Data processing device for processing virtual machine instructions |
WO1999018485A2 (en) * | 1997-10-02 | 1999-04-15 | Koninklijke Philips Electronics N.V. | Variable instruction set computer |
US6643775B1 (en) * | 1997-12-05 | 2003-11-04 | Jamama, Llc | Use of code obfuscation to inhibit generation of non-use-restricted versions of copy protected software applications |
US6092202A (en) * | 1998-05-22 | 2000-07-18 | N*Able Technologies, Inc. | Method and system for secure transactions in a computer system |
US6594761B1 (en) * | 1999-06-09 | 2003-07-15 | Cloakware Corporation | Tamper resistant software encoding |
US6832367B1 (en) * | 2000-03-06 | 2004-12-14 | International Business Machines Corporation | Method and system for recording and replaying the execution of distributed java programs |
US7051200B1 (en) | 2000-06-27 | 2006-05-23 | Microsoft Corporation | System and method for interfacing a software process to secure repositories |
US7093239B1 (en) * | 2000-07-14 | 2006-08-15 | Internet Security Systems, Inc. | Computer immune system and method for detecting unwanted code in a computer system |
US20030023960A1 (en) * | 2001-07-25 | 2003-01-30 | Shoab Khan | Microprocessor instruction format using combination opcodes and destination prefixes |
US7613930B2 (en) * | 2001-01-19 | 2009-11-03 | Trustware International Limited | Method for protecting computer programs and data from hostile code |
US7065755B2 (en) * | 2001-03-15 | 2006-06-20 | Sun Microsystems, Inc. | Method and apparatus for removing class initialization barriers from shared compiled methods |
US7543288B2 (en) * | 2001-03-27 | 2009-06-02 | Sun Microsystems, Inc. | Reduced instruction set for Java virtual machines |
US7320075B2 (en) * | 2001-11-20 | 2008-01-15 | Safenet, Inc. | Software protection method utilizing hidden application code in a protection dynamic link library object |
US20030135719A1 (en) * | 2002-01-14 | 2003-07-17 | International Business Machines Corporation | Method and system using hardware assistance for tracing instruction disposition information |
US8843903B1 (en) * | 2003-06-11 | 2014-09-23 | Symantec Corporation | Process tracking application layered system |
WO2004046914A2 (en) * | 2002-11-20 | 2004-06-03 | Koninklijke Philips Electronics N.V. | Vliw processor with copy register file |
US7150003B2 (en) * | 2002-11-25 | 2006-12-12 | Matsushita Electric Industrial Co., Ltd. | Class coalescence for obfuscation of object-oriented software |
US20040117532A1 (en) * | 2002-12-11 | 2004-06-17 | Bennett Steven M. | Mechanism for controlling external interrupts in a virtual machine system |
US7162711B2 (en) * | 2002-12-12 | 2007-01-09 | Sun Microsystems, Inc. | Method of automatically virtualizing core native libraries of a virtual machine |
KR100568228B1 (ko) | 2003-05-20 | 2006-04-07 | 삼성전자주식회사 | 고유번호를 이용한 프로그램 탬퍼 방지 방법과 난독처리된 프로그램 업그레이드 방법, 상기 방법을 위한 장치 |
US7707566B2 (en) * | 2003-06-26 | 2010-04-27 | Microsoft Corporation | Software development infrastructure |
US7260815B1 (en) * | 2003-06-30 | 2007-08-21 | Vmware, Inc. | Method and apparatus for managing registers in a binary translator |
US9020801B2 (en) * | 2003-08-11 | 2015-04-28 | Scalemp Inc. | Cluster-based operating system-agnostic virtual computing system |
GB2405958A (en) * | 2003-08-20 | 2005-03-16 | Macrovision Europ Ltd | Code obfuscation and controlling a processor by emulation |
US20050066324A1 (en) | 2003-09-22 | 2005-03-24 | Microsoft Corporation | Method and system for distributing and installing software |
US8220058B2 (en) * | 2003-09-25 | 2012-07-10 | Oracle America, Inc. | Rendering and encryption engine for application program obfuscation |
US7114055B1 (en) * | 2003-09-29 | 2006-09-26 | Xilinx, Inc. | Reduced instruction set computer architecture with duplication of bit values from an immediate field of an instruction multiple times in a data word |
US7376949B2 (en) * | 2003-10-01 | 2008-05-20 | Hewlett-Packard Development Company, L.P. | Resource allocation and protection in a multi-virtual environment |
US20050091658A1 (en) | 2003-10-24 | 2005-04-28 | Microsoft Corporation | Operating system resource protection |
US7421689B2 (en) * | 2003-10-28 | 2008-09-02 | Hewlett-Packard Development Company, L.P. | Processor-architecture for facilitating a virtual machine monitor |
US20050108440A1 (en) * | 2003-11-19 | 2005-05-19 | Intel Corporation | Method and system for coalescing input output accesses to a virtual device |
US7516331B2 (en) | 2003-11-26 | 2009-04-07 | International Business Machines Corporation | Tamper-resistant trusted java virtual machine and method of using the same |
US20050177826A1 (en) * | 2004-02-05 | 2005-08-11 | Miller James S. | Versioning support in object-oriented programming languages and tools |
JP3970856B2 (ja) | 2004-03-16 | 2007-09-05 | Kddi株式会社 | プログラム難読化装置、プログラム配布システム、コンピュータプログラム |
US20050216920A1 (en) * | 2004-03-24 | 2005-09-29 | Vijay Tewari | Use of a virtual machine to emulate a hardware device |
US7559091B2 (en) | 2004-06-12 | 2009-07-07 | Microsoft Corporation | Software obfuscation |
US7590867B2 (en) * | 2004-06-24 | 2009-09-15 | Intel Corporation | Method and apparatus for providing secure virtualization of a trusted platform module |
US8271976B2 (en) * | 2004-06-30 | 2012-09-18 | Microsoft Corporation | Systems and methods for initializing multiple virtual processors within a single virtual machine |
EP1669864B1 (en) * | 2004-12-03 | 2010-06-02 | STMicroelectronics Srl | A process for managing virtual machines in a physical processing machine, corresponding processor system and computer program product therefor |
US7472381B2 (en) * | 2004-12-07 | 2008-12-30 | Roaming Messenger, Inc. | Method of and instruction set for executing operations on a device |
US7512936B2 (en) * | 2004-12-17 | 2009-03-31 | Sap Aktiengesellschaft | Code diversification |
US7409719B2 (en) * | 2004-12-21 | 2008-08-05 | Microsoft Corporation | Computer security management, such as in a virtual machine or hardened operating system |
US8370819B2 (en) * | 2005-03-25 | 2013-02-05 | Microsoft Corporation | Mechanism to store information describing a virtual machine in a virtual disk image |
JP4806402B2 (ja) * | 2005-04-21 | 2011-11-02 | パナソニック株式会社 | プログラム難読化装置及び難読化方法 |
US20070022275A1 (en) * | 2005-07-25 | 2007-01-25 | Mistletoe Technologies, Inc. | Processor cluster implementing conditional instruction skip |
US7581085B1 (en) * | 2005-09-08 | 2009-08-25 | Parallels Software International, Inc. | Fast stub and frame technology for virtual machine optimization |
US8429630B2 (en) * | 2005-09-15 | 2013-04-23 | Ca, Inc. | Globally distributed utility computing cloud |
US8104033B2 (en) * | 2005-09-30 | 2012-01-24 | Computer Associates Think, Inc. | Managing virtual machines based on business priorty |
US7882499B2 (en) * | 2005-10-24 | 2011-02-01 | Microsoft Corporation | Caching dynamically compiled code to storage |
US8417796B2 (en) * | 2006-01-17 | 2013-04-09 | Leostream Corporation | System and method for transferring a computing environment between computers of dissimilar configurations |
US8296742B2 (en) * | 2006-10-10 | 2012-10-23 | Microsoft Corporation | Automatic native generation |
US8584109B2 (en) | 2006-10-27 | 2013-11-12 | Microsoft Corporation | Virtualization for diversified tamper resistance |
US8078649B2 (en) * | 2008-04-07 | 2011-12-13 | Installfree, Inc. | Method and system for centrally deploying and managing virtual software applications |
-
2006
- 2006-10-27 US US11/553,841 patent/US8584109B2/en active Active
-
2007
- 2007-10-12 TW TW096138284A patent/TWI431500B/zh not_active IP Right Cessation
- 2007-10-16 AU AU2007349213A patent/AU2007349213B2/en not_active Ceased
- 2007-10-16 BR BRPI0716471-8A2A patent/BRPI0716471A2/pt not_active IP Right Cessation
- 2007-10-16 MY MYPI20091258 patent/MY151697A/en unknown
- 2007-10-16 WO PCT/US2007/081485 patent/WO2008115279A2/en active Application Filing
- 2007-10-16 RU RU2009115656/08A patent/RU2458394C2/ru not_active IP Right Cessation
- 2007-10-16 JP JP2009534768A patent/JP5302202B2/ja active Active
- 2007-10-16 EP EP07874416.6A patent/EP2076863B1/en active Active
- 2007-10-16 CN CN2007800396079A patent/CN101529436B/zh active Active
- 2007-10-16 ES ES07874416.6T patent/ES2675371T3/es active Active
- 2007-10-16 KR KR1020097005677A patent/KR101440646B1/ko active IP Right Grant
- 2007-10-16 CA CA2662558A patent/CA2662558C/en active Active
- 2007-10-16 MX MX2009003342A patent/MX2009003342A/es not_active Application Discontinuation
-
2009
- 2009-03-03 IL IL197361A patent/IL197361A0/en unknown
- 2009-03-30 NO NO20091281A patent/NO344529B1/no unknown
-
2013
- 2013-11-11 US US14/076,685 patent/US9459893B2/en active Active
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
RU2620712C2 (ru) * | 2012-01-09 | 2017-05-29 | Конинклейке Филипс Н.В. | Устройство виртуальной машины, имеющее управляемую ключом обфускацию, и способ |
Also Published As
Publication number | Publication date |
---|---|
US20080127125A1 (en) | 2008-05-29 |
BRPI0716471A2 (pt) | 2014-03-18 |
WO2008115279A2 (en) | 2008-09-25 |
TW200832179A (en) | 2008-08-01 |
US20140068580A1 (en) | 2014-03-06 |
IL197361A0 (en) | 2009-12-24 |
TWI431500B (zh) | 2014-03-21 |
NO20091281L (no) | 2009-05-22 |
US9459893B2 (en) | 2016-10-04 |
KR20090082176A (ko) | 2009-07-29 |
CN101529436A (zh) | 2009-09-09 |
AU2007349213A1 (en) | 2008-09-25 |
JP2010508583A (ja) | 2010-03-18 |
CA2662558A1 (en) | 2008-09-25 |
AU2007349213B2 (en) | 2011-10-06 |
CA2662558C (en) | 2015-12-01 |
EP2076863B1 (en) | 2018-05-02 |
ES2675371T3 (es) | 2018-07-10 |
US8584109B2 (en) | 2013-11-12 |
NO344529B1 (no) | 2020-01-27 |
MY151697A (en) | 2014-06-30 |
WO2008115279A3 (en) | 2009-02-19 |
CN101529436B (zh) | 2012-12-12 |
EP2076863A4 (en) | 2013-09-04 |
JP5302202B2 (ja) | 2013-10-02 |
EP2076863A2 (en) | 2009-07-08 |
KR101440646B1 (ko) | 2014-09-22 |
MX2009003342A (es) | 2009-05-12 |
RU2458394C2 (ru) | 2012-08-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2009115656A (ru) | Виртуализация для диверсифицированной защиты от несанкционированного вмешательства | |
CN109074447A (zh) | 用于元数据处理的技术 | |
Mackey | Introducing. NET 4.0: With Visual Studio 2010 | |
US9183018B2 (en) | Dynamic on/off just-in-time compilation in a dynamic translator using instruction code translation | |
JP6133409B2 (ja) | プログラムのリバースエンジニアリング及び/又は改竄に対する保護のための方法、システム及び装置 | |
Ball et al. | Static TypeScript: an implementation of a static compiler for the TypeScript language | |
JP5759537B2 (ja) | 命令としてデータ値を評価するシステムおよび方法 | |
Shapiro et al. | {“Weird}{Machines”} in {ELF}: A Spotlight on the Underappreciated Metadata | |
Venkat | Breaking the ISA Barrier in Modern Computing | |
Yurichev | Reverse engineering for beginners | |
Spink et al. | Efficient code generation in a region-based dynamic binary translator | |
CN102902548B (zh) | 汇编级内存复制标准库函数的生成方法及装置 | |
Tröger | Specification-driven dynamic binary translation | |
Maus | Verification of hypervisor subroutines written in assembler | |
Mohr et al. | Hardware acceleration for programs in SSA form | |
Kim et al. | Demand paging techniques for flash memory using compiler post-pass optimizations | |
CN101907999A (zh) | 超长指令字程序的二进制翻译方法 | |
Strobel et al. | A backend tool for the integration of memory optimizations into embedded software | |
Přikryl et al. | Fast cycle-accurate compiled simulation | |
Pedersen et al. | Exact roots for a real-time garbage collector | |
Yermolovich et al. | Portable execution of legacy binaries on the Java virtual machine | |
Bebenita | Trace-Based Compilation and Optimization in Meta-Circular Virtual Execution Environments | |
Blundell | Writing a Simple Operating System—from Scratch | |
Filardo | Porting QEMU to plan 9: QEMU internals and port strategy | |
Mattos | Design space exploration of SW and HW IP based on object oriented methodology for embedded system applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PC41 | Official registration of the transfer of exclusive right |
Effective date: 20150526 |
|
MM4A | The patent is invalid due to non-payment of fees |
Effective date: 20191017 |