SG10201504066QA - Method and system for defense against return oriented programming (rop) based attacks - Google Patents

Method and system for defense against return oriented programming (rop) based attacks

Info

Publication number
SG10201504066QA
SG10201504066QA SG10201504066QA SG10201504066QA SG10201504066QA SG 10201504066Q A SG10201504066Q A SG 10201504066QA SG 10201504066Q A SG10201504066Q A SG 10201504066QA SG 10201504066Q A SG10201504066Q A SG 10201504066QA SG 10201504066Q A SG10201504066Q A SG 10201504066QA
Authority
SG
Singapore
Prior art keywords
rop
oriented programming
defense against
based attacks
against return
Prior art date
Application number
SG10201504066QA
Inventor
Debin Gao
Original Assignee
Huawei Internat Pte Ltd
Singapore Man University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Internat Pte Ltd, Singapore Man University filed Critical Huawei Internat Pte Ltd
Priority to SG10201504066QA priority Critical patent/SG10201504066QA/en
Priority to PCT/SG2016/050047 priority patent/WO2016190809A1/en
Priority to CN201680002571.6A priority patent/CN106687973B/en
Priority to EP16705317.2A priority patent/EP3289511B1/en
Publication of SG10201504066QA publication Critical patent/SG10201504066QA/en
Priority to US15/820,857 priority patent/US20180096139A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30181Instruction operation extension or modification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2123Dummy operation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Executing Machine-Instructions (AREA)
SG10201504066QA 2015-05-25 2015-05-25 Method and system for defense against return oriented programming (rop) based attacks SG10201504066QA (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
SG10201504066QA SG10201504066QA (en) 2015-05-25 2015-05-25 Method and system for defense against return oriented programming (rop) based attacks
PCT/SG2016/050047 WO2016190809A1 (en) 2015-05-25 2016-02-01 Method and system for defense against return oriented programming (rop) based attacks
CN201680002571.6A CN106687973B (en) 2015-05-25 2016-02-01 For defending the method and system based on the attack for returning to guiding programming (ROP)
EP16705317.2A EP3289511B1 (en) 2015-05-25 2016-02-01 Method and system for defense against return oriented programming (rop) based attacks
US15/820,857 US20180096139A1 (en) 2015-05-25 2017-11-22 Method and system for defense against return oriented programming (rop) based attacks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SG10201504066QA SG10201504066QA (en) 2015-05-25 2015-05-25 Method and system for defense against return oriented programming (rop) based attacks

Publications (1)

Publication Number Publication Date
SG10201504066QA true SG10201504066QA (en) 2016-12-29

Family

ID=55398360

Family Applications (1)

Application Number Title Priority Date Filing Date
SG10201504066QA SG10201504066QA (en) 2015-05-25 2015-05-25 Method and system for defense against return oriented programming (rop) based attacks

Country Status (5)

Country Link
US (1) US20180096139A1 (en)
EP (1) EP3289511B1 (en)
CN (1) CN106687973B (en)
SG (1) SG10201504066QA (en)
WO (1) WO2016190809A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11604873B1 (en) 2019-12-05 2023-03-14 Marvell Asia Pte, Ltd. Noisy instructions for side-channel attack mitigation
US11403101B1 (en) * 2021-02-25 2022-08-02 Marvell Asia Pte, Ltd. Introducing noise in threaded execution to mitigate cross-thread monitoring

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7430670B1 (en) * 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
US7080289B2 (en) * 2001-10-10 2006-07-18 Arm Limited Tracing multiple data access instructions
US8839429B2 (en) * 2011-11-07 2014-09-16 Qualcomm Incorporated Methods, devices, and systems for detecting return-oriented programming exploits
US8776223B2 (en) * 2012-01-16 2014-07-08 Qualcomm Incorporated Dynamic execution prevention to inhibit return-oriented programming
CN102663312B (en) * 2012-03-20 2014-10-01 中国科学院信息工程研究所 ROP attack detection method and system based on virtual machine
US9075693B2 (en) * 2012-06-27 2015-07-07 Google Inc. Methods for updating applications
CN102831339B (en) * 2012-07-19 2015-05-27 北京奇虎科技有限公司 Method, device and browser for protecting webpage against malicious attack
US9250937B1 (en) * 2013-11-06 2016-02-02 The Regents Of The University Of California Code randomization for just-in-time compilers
CN104217157B (en) * 2014-07-31 2017-08-04 珠海市君天电子科技有限公司 A kind of anti-Application way of leak and system

Also Published As

Publication number Publication date
US20180096139A1 (en) 2018-04-05
CN106687973A (en) 2017-05-17
EP3289511A1 (en) 2018-03-07
CN106687973B (en) 2019-11-22
WO2016190809A1 (en) 2016-12-01
EP3289511B1 (en) 2019-12-04

Similar Documents

Publication Publication Date Title
SG10201912502QA (en) Defense system and method against cyber-physical attacks
GB201712642D0 (en) Order processing method and system
SG11201707149UA (en) Method and system for encryption
PT3260813T (en) Ranging system and ranging method
EP3475774C0 (en) System and method for threat impact determination
GB201618068D0 (en) System and method for on-demand passive entry disable
HK1249647A1 (en) Security tag and method for operating the same
GB2545651B (en) Door protection system and method
IL260556B1 (en) Firearm system and method
ZA201705408B (en) Control system and control method
IL266453B (en) Method and defence system for combating threats
EP3120899C0 (en) Method and system for maintaining at least one protective suit
SG10201707935UA (en) Fall Protection System And Method
GB2587113B (en) System and method
GB201514674D0 (en) Distributed encryption system and method
PL3124163T3 (en) System and method for laser processing
GB201510480D0 (en) System and method
GB201515115D0 (en) System and method
GB201803529D0 (en) Radio-station-recommendation system and method
SG10201504066QA (en) Method and system for defense against return oriented programming (rop) based attacks
HK1254526A1 (en) Fumigation system and method
GB2590335B (en) Control system and method
EP3261436A4 (en) System and method for treating items with insecticide
GB2567741B (en) Door protection system and method
GB201515719D0 (en) Hedging system and method