TWI686744B - 使用基於偏移的虛擬位址映射對目標應用功能的基於核心的偵測 - Google Patents

使用基於偏移的虛擬位址映射對目標應用功能的基於核心的偵測 Download PDF

Info

Publication number
TWI686744B
TWI686744B TW106125587A TW106125587A TWI686744B TW I686744 B TWI686744 B TW I686744B TW 106125587 A TW106125587 A TW 106125587A TW 106125587 A TW106125587 A TW 106125587A TW I686744 B TWI686744 B TW I686744B
Authority
TW
Taiwan
Prior art keywords
application
virtual address
mapping table
address mapping
program
Prior art date
Application number
TW106125587A
Other languages
English (en)
Chinese (zh)
Other versions
TW201807570A (zh
Inventor
薩柏瓦多庫馬 德
薩約桑德 喬治
Original Assignee
美商高通公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 美商高通公司 filed Critical 美商高通公司
Publication of TW201807570A publication Critical patent/TW201807570A/zh
Application granted granted Critical
Publication of TWI686744B publication Critical patent/TWI686744B/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/3604Analysis of software for verifying properties of programs
    • G06F11/3612Analysis of software for verifying properties of programs by runtime analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/12Replacement control
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65Details of virtual memory and virtual address translation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Quality & Reliability (AREA)
  • Storage Device Security (AREA)
  • Devices For Executing Special Programs (AREA)
  • Debugging And Monitoring (AREA)
  • Stored Programmes (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
  • Executing Machine-Instructions (AREA)
TW106125587A 2016-07-29 2017-07-28 使用基於偏移的虛擬位址映射對目標應用功能的基於核心的偵測 TWI686744B (zh)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201662368223P 2016-07-29 2016-07-29
US62/368,223 2016-07-29
US15/465,515 US10360383B2 (en) 2016-07-29 2017-03-21 Kernel-based detection of target application functionality using offset-based virtual address mapping
US15/465,515 2017-03-21

Publications (2)

Publication Number Publication Date
TW201807570A TW201807570A (zh) 2018-03-01
TWI686744B true TWI686744B (zh) 2020-03-01

Family

ID=61009931

Family Applications (3)

Application Number Title Priority Date Filing Date
TW106125587A TWI686744B (zh) 2016-07-29 2017-07-28 使用基於偏移的虛擬位址映射對目標應用功能的基於核心的偵測
TW106125395A TWI696950B (zh) 2016-07-29 2017-07-28 用於偵測在計算設備上執行的應用軟體的高階功能的方法,及其系統和電腦程式
TW106125433A TW201807576A (zh) 2016-07-29 2017-07-28 對用於應用二進位碼的經更新的版本的目標應用功能的虛擬記憶體位址進行更新

Family Applications After (2)

Application Number Title Priority Date Filing Date
TW106125395A TWI696950B (zh) 2016-07-29 2017-07-28 用於偵測在計算設備上執行的應用軟體的高階功能的方法,及其系統和電腦程式
TW106125433A TW201807576A (zh) 2016-07-29 2017-07-28 對用於應用二進位碼的經更新的版本的目標應用功能的虛擬記憶體位址進行更新

Country Status (9)

Country Link
US (3) US10289847B2 (enExample)
EP (3) EP3491570A1 (enExample)
JP (3) JP2019528515A (enExample)
KR (3) KR20190038543A (enExample)
CN (3) CN109478217B (enExample)
BR (2) BR112019001506A2 (enExample)
SG (3) SG11201811213XA (enExample)
TW (3) TWI686744B (enExample)
WO (3) WO2018022255A1 (enExample)

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9754112B1 (en) * 2014-11-24 2017-09-05 Bluerisc, Inc. Detection and healing of vulnerabilities in computer code
US10289847B2 (en) 2016-07-29 2019-05-14 Qualcomm Incorporated Updating virtual memory addresses of target application functionalities for an updated version of application binary code
US10754988B2 (en) * 2016-08-30 2020-08-25 Winbond Electronics Corporation Anti-rollback version upgrade in secured memory chip
US10275596B1 (en) * 2016-12-15 2019-04-30 Symantec Corporation Activating malicious actions within electronic documents
US10362047B2 (en) * 2017-05-08 2019-07-23 KnowBe4, Inc. Systems and methods for providing user interfaces based on actions associated with untrusted emails
US10795659B1 (en) * 2017-11-02 2020-10-06 Virtuozzo International Gmbh System and method for live patching processes in user space
US10496437B2 (en) 2017-11-14 2019-12-03 International Business Machines Corporation Context switch by changing memory pointers
US10761983B2 (en) * 2017-11-14 2020-09-01 International Business Machines Corporation Memory based configuration state registers
US10592164B2 (en) 2017-11-14 2020-03-17 International Business Machines Corporation Portions of configuration state registers in-memory
US10558366B2 (en) 2017-11-14 2020-02-11 International Business Machines Corporation Automatic pinning of units of memory
US10552070B2 (en) 2017-11-14 2020-02-04 International Business Machines Corporation Separation of memory-based configuration state registers based on groups
US10635602B2 (en) 2017-11-14 2020-04-28 International Business Machines Corporation Address translation prior to receiving a storage reference using the address to be translated
US10642757B2 (en) 2017-11-14 2020-05-05 International Business Machines Corporation Single call to perform pin and unpin operations
US10698686B2 (en) 2017-11-14 2020-06-30 International Business Machines Corporation Configurable architectural placement control
US10664181B2 (en) 2017-11-14 2020-05-26 International Business Machines Corporation Protecting in-memory configuration state registers
US10901738B2 (en) 2017-11-14 2021-01-26 International Business Machines Corporation Bulk store and load operations of configuration state registers
US10761751B2 (en) 2017-11-14 2020-09-01 International Business Machines Corporation Configuration state registers grouped based on functional affinity
JP7013297B2 (ja) * 2018-03-22 2022-01-31 株式会社セキュアブレイン 不正検知装置、不正検知ネットワークシステム、及び不正検知方法
US11182283B2 (en) 2018-09-26 2021-11-23 Apple Inc. Allocation of memory within a data type-specific memory heap
CN109858239B (zh) * 2019-01-16 2020-01-17 四川大学 一种动静态结合的容器内cpu漏洞攻击程序检测方法
US10936507B2 (en) * 2019-03-28 2021-03-02 Intel Corporation System, apparatus and method for application specific address mapping
US11468881B2 (en) * 2019-03-29 2022-10-11 Samsung Electronics Co., Ltd. Method and system for semantic intelligent task learning and adaptive execution
US11561814B2 (en) * 2019-05-15 2023-01-24 Vmware, Inc. Browser-driven capture of application installations for application virtualization
US11061819B2 (en) 2019-05-28 2021-07-13 Micron Technology, Inc. Distributed computing based on memory as a service
US11169930B2 (en) 2019-05-28 2021-11-09 Micron Technology, Inc. Fine grain data migration to or from borrowed memory
US12436804B2 (en) 2019-05-28 2025-10-07 Micron Technology, Inc. Memory as a service for artificial neural network (ANN) applications
CN110598378B (zh) * 2019-08-01 2023-07-18 华为技术有限公司 全局偏移表度量方法、动态度量方法及相关装置、设备
KR102693699B1 (ko) * 2019-09-06 2024-08-12 삼성전자 주식회사 전자 장치에서 어플리케이션 업데이트 시 런타임 성능 개선 방법 및 장치
CN110888773B (zh) * 2019-10-28 2023-06-06 北京字节跳动网络技术有限公司 一种获取线程标识的方法、装置、介质和电子设备
TWI728637B (zh) * 2020-01-02 2021-05-21 中華電信股份有限公司 資訊安全防護方法及電腦可讀媒介
US11610020B2 (en) * 2020-04-07 2023-03-21 Mcafee, Llc Securing sensitive user data stored locally by an application
US11783042B2 (en) * 2020-06-17 2023-10-10 Qualcomm Incorporated Access control system and method for isolating mutually distrusting security domains
US11599342B2 (en) * 2020-09-28 2023-03-07 Red Hat, Inc. Pathname independent probing of binaries
CN113190448B (zh) * 2021-05-06 2022-11-04 网易(杭州)网络有限公司 测试代码更新方法及装置、电子设备、存储介质
CN113190237B (zh) * 2021-05-10 2024-01-19 北京百度网讯科技有限公司 数据处理方法、系统和装置
US11902398B2 (en) 2021-06-22 2024-02-13 Bizdata Inc. System and method to integrate data from one application to another application
US11934533B2 (en) 2021-06-22 2024-03-19 Microsoft Technology Licensing, Llc Detection of supply chain-related security threats to software applications
CN114268514B (zh) * 2021-11-30 2022-11-08 国汽智控(北京)科技有限公司 车辆与上位机的通信方法、装置及系统
CN114448815B (zh) * 2021-12-27 2023-11-03 天翼云科技有限公司 基于网络拓扑的cdn节点数据生成方法、装置及计算机设备
US11928460B2 (en) * 2022-04-20 2024-03-12 International Business Machines Corporation Dynamic update of a computer program in memory
TWI875076B (zh) * 2023-07-12 2025-03-01 新唐科技股份有限公司 用於執行空中更新韌體的微控制器及方法
KR20250080304A (ko) * 2023-11-28 2025-06-05 삼성전자주식회사 저널 데이터 생성 방법, 저널 리플레이 수행 방법, 및 스토리지 장치
CN119227067B (zh) * 2024-12-05 2025-03-07 成都数默科技有限公司 一种基于ai的二进制同源样本分析方法

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020032804A1 (en) * 1998-10-02 2002-03-14 Hunt Galen C. Heavyweight and lightweight instrumentation
US6681331B1 (en) * 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
US20110082962A1 (en) * 2009-10-01 2011-04-07 Vmware, Inc. Monitoring a data structure in a virtual machine
US20120240230A1 (en) * 2011-03-15 2012-09-20 Phison Electronics Corp. Memory storage device and memory controller and virus scanning method thereof
US8566935B2 (en) * 2011-05-12 2013-10-22 At&T Intellectual Property I, L.P. Balancing malware rootkit detection with power consumption on mobile devices
US9178852B2 (en) * 2012-06-25 2015-11-03 Appthority, Inc. In-line filtering of insecure or unwanted mobile device software components or communications
US9235704B2 (en) * 2008-10-21 2016-01-12 Lookout, Inc. System and method for a scanning API

Family Cites Families (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5572590A (en) 1994-04-12 1996-11-05 International Business Machines Corporation Discrimination of malicious changes to digital information using multiple signatures
JP3011115B2 (ja) * 1997-01-17 2000-02-21 日本電気株式会社 デバッグシステム
US6785818B1 (en) 2000-01-14 2004-08-31 Symantec Corporation Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks
US6477612B1 (en) 2000-02-08 2002-11-05 Microsoft Corporation Providing access to physical memory allocated to a process by selectively mapping pages of the physical memory with virtual memory allocated to the process
US20020178375A1 (en) * 2001-01-31 2002-11-28 Harris Corporation Method and system for protecting against malicious mobile code
US6598144B1 (en) * 2001-12-12 2003-07-22 Advanced Micro Devices, Inc. Arrangement for limiting access to addresses by a consumer process instigating work in a channel adapter based on virtual address mapping
US7213123B2 (en) * 2002-10-24 2007-05-01 International Business Machines Corporation Method and apparatus for mapping debugging information when debugging integrated executables in a heterogeneous architecture
GB0623276D0 (en) * 2006-11-22 2007-01-03 Transitive Ltd Memory consistency protection in a multiprocessor computing system
JP4763743B2 (ja) * 2008-03-28 2011-08-31 日本電信電話株式会社 プログラム動作比較装置及び方法及びプログラム
CN101315602B (zh) * 2008-05-09 2011-01-26 浙江大学 硬件化的进程内存管理核的方法
EP2151763A1 (en) 2008-07-28 2010-02-10 Nagravision S.A. Method and apparatus for obfuscating virtual to physical memory mapping
CN101430662B (zh) * 2008-12-09 2010-10-06 东信和平智能卡股份有限公司 Java语言程序与虚拟机程序共同调试的方法
US8117422B2 (en) 2009-02-05 2012-02-14 Texas Instruments Incorporated Fast address translation for linear and circular modes
US8943330B2 (en) 2011-05-10 2015-01-27 Qualcomm Incorporated Apparatus and method for hardware-based secure data processing using buffer memory address range rules
US9032526B2 (en) 2011-05-12 2015-05-12 Microsoft Technology Licensing, Llc Emulating mixed-code programs using a virtual machine instance
CN102243595B (zh) * 2011-08-03 2014-02-19 浙江大学 基于MMU架构的Java Card系统组件更新方法
US8897762B2 (en) * 2012-02-28 2014-11-25 Qualcomm Incorporated Optimizing signaling load overhead and battery consumption for background applications
IL219597A0 (en) 2012-05-03 2012-10-31 Syndrome X Ltd Malicious threat detection, malicious threat prevention, and a learning systems and methods for malicious threat detection and prevention
US20130301830A1 (en) * 2012-05-08 2013-11-14 Hagai Bar-El Device, system, and method of secure entry and handling of passwords
CN102855138B (zh) * 2012-07-20 2015-12-09 腾讯科技(深圳)有限公司 一种api的拦截方法、装置及移动终端
US9268936B2 (en) 2012-07-27 2016-02-23 Mandiant, Llc Physical memory forensics system and method
US9092327B2 (en) * 2012-12-10 2015-07-28 Qualcomm Incorporated System and method for allocating memory to dissimilar memory devices using quality of service
US9311011B2 (en) * 2013-08-07 2016-04-12 Qualcomm Incorporated Dynamic address negotiation for shared memory regions in heterogenous multiprocessor systems
CA2923231C (en) * 2013-09-12 2020-06-02 Virsec Systems, Inc. Automated runtime detection of malware
US9489313B2 (en) 2013-09-24 2016-11-08 Qualcomm Incorporated Conditional page fault control for page residency
CN104572046B (zh) * 2013-10-16 2019-01-11 腾讯科技(深圳)有限公司 一种堆栈还原方法和计算机系统
US10108409B2 (en) * 2014-01-03 2018-10-23 Visa International Service Association Systems and methods for updatable applets
US9721212B2 (en) 2014-06-04 2017-08-01 Qualcomm Incorporated Efficient on-device binary analysis for auto-generated behavioral models
US9721660B2 (en) 2014-10-24 2017-08-01 Microsoft Technology Licensing, Llc Configurable volatile memory without a dedicated power source for detecting a data save trigger condition
CN104461905A (zh) * 2014-12-30 2015-03-25 东信和平科技股份有限公司 一种智能卡虚拟机、api库与上层应用同时调试的方法及系统
CN105117648A (zh) * 2015-07-29 2015-12-02 杭州安恒信息技术有限公司 一种基于虚拟机的0day/恶意文档检测系统及方法
US10289847B2 (en) 2016-07-29 2019-05-14 Qualcomm Incorporated Updating virtual memory addresses of target application functionalities for an updated version of application binary code

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020032804A1 (en) * 1998-10-02 2002-03-14 Hunt Galen C. Heavyweight and lightweight instrumentation
US6681331B1 (en) * 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
US9235704B2 (en) * 2008-10-21 2016-01-12 Lookout, Inc. System and method for a scanning API
US20110082962A1 (en) * 2009-10-01 2011-04-07 Vmware, Inc. Monitoring a data structure in a virtual machine
US20120240230A1 (en) * 2011-03-15 2012-09-20 Phison Electronics Corp. Memory storage device and memory controller and virus scanning method thereof
US8566935B2 (en) * 2011-05-12 2013-10-22 At&T Intellectual Property I, L.P. Balancing malware rootkit detection with power consumption on mobile devices
US9178852B2 (en) * 2012-06-25 2015-11-03 Appthority, Inc. In-line filtering of insecure or unwanted mobile device software components or communications

Also Published As

Publication number Publication date
CN109643343B (zh) 2023-09-15
CN109564608A (zh) 2019-04-02
CN109643343A (zh) 2019-04-16
SG11201811216WA (en) 2019-02-27
CN109478217B (zh) 2021-12-28
TW201805806A (zh) 2018-02-16
CN109478217A (zh) 2019-03-15
US10289847B2 (en) 2019-05-14
BR112019001506A2 (pt) 2019-05-07
EP3491570A1 (en) 2019-06-05
US20180032731A1 (en) 2018-02-01
SG11201811211TA (en) 2019-02-27
JP6704504B2 (ja) 2020-06-03
EP3491568B1 (en) 2022-02-23
US10360383B2 (en) 2019-07-23
WO2018022257A1 (en) 2018-02-01
JP6704503B2 (ja) 2020-06-03
US10380342B2 (en) 2019-08-13
US20180032441A1 (en) 2018-02-01
TW201807576A (zh) 2018-03-01
JP2019527892A (ja) 2019-10-03
BR112019001511A2 (pt) 2019-04-30
KR20190038544A (ko) 2019-04-08
JP2019528515A (ja) 2019-10-10
TWI696950B (zh) 2020-06-21
BR112019001479A2 (pt) 2019-04-30
EP3491569A1 (en) 2019-06-05
KR20190038542A (ko) 2019-04-08
KR102097256B1 (ko) 2020-04-03
EP3491569B1 (en) 2020-04-22
WO2018022256A1 (en) 2018-02-01
KR102058326B1 (ko) 2019-12-20
US20180032721A1 (en) 2018-02-01
SG11201811213XA (en) 2019-02-27
JP2019526123A (ja) 2019-09-12
EP3491568A1 (en) 2019-06-05
KR20190038543A (ko) 2019-04-08
WO2018022255A1 (en) 2018-02-01
TW201807570A (zh) 2018-03-01

Similar Documents

Publication Publication Date Title
TWI686744B (zh) 使用基於偏移的虛擬位址映射對目標應用功能的基於核心的偵測
Bigelow et al. Timely rerandomization for mitigating memory disclosures
US20170206357A1 (en) Malicious code protection for computer systems based on process modification
Sun et al. Blender: Self-randomizing address space layout for android apps
Hu et al. Identifying arbitrary memory access vulnerabilities in privilege-separated software
Braunsdorf et al. Compiler-based attack origin tracking with dynamic taint analysis
EP4310707B1 (en) System and method for detecting malicious code by an interpreter in a computing device
HK40003337A (en) Kernel-based detection of target application functionality using offset-based virtual address mapping
HK40005417A (en) Updating virtual memory addresses of target application functionalities for an updated version of application binary code
HK40005784A (en) Kernel-based detection of target application functionality using virtual address mapping
Choi et al. A survey of feature extraction techniques to detect the theft of windows applications
Yang et al. How to make information-flow analysis based defense ineffective: an ART behavior-mask attack
Feng et al. A virtualxposed-based inline hooking framework for android native methods
Verma Multimedia Attacks on Android devices using StageFright exploit
BR112019001479B1 (pt) Detecção baseada em núcleo de funcionalidade de aplicação alvo utilizando mapeamento de endereços virtuais

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees