Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Automatic code locking to reduce the attack surface of software

A technology with specific functions and instructions, which is applied in the directions of instruments, calculations, and electrical digital data processing, etc., and can solve problems such as reduced capabilities and hindering the ability of network security products to identify attack behaviors.

Active Publication Date: 2020-08-28
VIRSEC SYST
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These changes in behavior impede the ability of deployed network security products to identify attack behavior and, as a result, their ability to detect the presence of malware is greatly reduced

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automatic code locking to reduce the attack surface of software
  • Automatic code locking to reduce the attack surface of software
  • Automatic code locking to reduce the attack surface of software

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The following is a description of example embodiments of the present disclosure.

[0023] Overview of Malware Attacks

[0024] The National Vulnerability Database (NVD) listed approximately 4100 application vulnerabilities in 2011 and 5300 application vulnerabilities in 2012, which are classified into twenty-three attack categories. While several attack categories involve attacks resulting from negligence or misconfiguration, the largest number of attack categories involve malicious actors intentionally injecting malicious content into an organization's ongoing processes and subsequently causing the malicious content to execute. The process of injecting such malicious content involves identifying and exploiting some poorly designed code that performs inadequate input validation. For example, if code lacks size-related validation, the code may allow buffer-fault-style attacks included in the category of buffer-fault attacks. In these attacks, malicious actors inject ma...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

In an example embodiment, the system determines a set of instructions from available instructions for a computer application. The determined set of instructions provides specific functionality for the computer application. The system can determine the set of instructions by performing functional tests and negative tests on specific functions. The system can reorganize and randomize the set of instructions in memory, and write the reorganized set of instructions to a smaller memory space. For each available instruction that is not in the set of instructions, the system changes the corresponding instruction to be inactive to prevent execution of the corresponding instruction. The system can change the corresponding instruction to be non-functional by rewriting the instruction with the NOP instruction. The system then captures the memory address of the computer application being accessed at runtime. If the captured memory address matches the memory address used for the non-functional instruction, the system can declare a security attack.

Description

[0001] related application [0002] This application claims the benefit and priority of US Provisional Application No. 61 / 998,320, filed June 24, 2014. The entire teachings of the above applications are incorporated herein by reference. Background technique [0003] Cyber ​​attacks are becoming more sophisticated with each passing day. Attacks target the exploitation of specific vulnerabilities in specific applications. The causes and effects of such attacks are not discernible at the network layer, as they do not trigger network activity that appears to be clearly malicious. Applications executing on enterprise systems are prime targets for attackers because high-value information such as credit card numbers, customer social security numbers, and other personally identifiable information can be accessed from these applications. To deal with these targeted attacks, many vendors have deployed cybersecurity products such as next-generation firewalls that attempt to learn use...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/52G06F21/55G06F21/56
CPCG06F21/52G06F21/554G06F21/566
Inventor S·V·古普塔
Owner VIRSEC SYST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products