Code randomization for just-in-time compilers
US-9250937-B1 · Feb 2, 2016 · US
US9665717B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9665717-B2 |
| Application number | US-201615263782-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 13, 2016 |
| Priority date | Sep 30, 2015 |
| Publication date | May 30, 2017 |
| Grant date | May 30, 2017 |
Official abstract text for this publication.
Mitigating return-oriented programming (ROP) attacks. Program code and associated components are received and loaded into memory. From the program code and associated components, a predetermined number of sequences of machine language instructions that terminate in a return instruction are selected. The sequences of machine language instructions include: machine language instruction sequences that are equivalent to a conditional statement “if-then-else return,” sequences of machine language instructions corresponding to known malicious code sequences, and sequences of machine language instructions corresponding to machine language instructions in known toolkits for assembling malicious code sequences. For each selected machine language instruction sequence, memory blocks containing the selected machine language instruction sequence are rearranged using address space layout randomization (ASLR); then, upon expiration of an expected time interval required to locate the selected machine language instruction sequence by inspecting the rearranged memory blocks, the rearranging is repeated, thereby mitigating ROP attacks.
Opening claim text (preview).
What is claimed is: 1. A computer program product for mitigating return-oriented programming (ROP) attacks, the computer product comprising: one or more non-transitory computer-readable storage media and program instructions stored on the one or more non-transitory computer-readable storage media, the program instructions comprising: program instructions to receive program code for execution and associated components needed by the program code for execution; program instructions to load the program code and associated components into memory; program instructions to select a predetermined number of sequences of machine language instructions from the loaded program code and the associated components, wherein each sequence terminates in a return instruction, and wherein the predetermined number of sequences includes: machine language instruction sequences that are equivalent to a conditional statement “if-then-else return”; sequences of machine language instructions corresponding to known malicious code sequences; and sequences of machine language instructions corresponding to machine language instructions in known toolkits for assembling malicious code sequences; and for each selected machine language instruction sequence, program instructions to: rearrange memory blocks containing the selected machine language instruction sequence, using address space layout randomization (ASLR); then wait an expected time interval required to locate the selected machine language instruction sequence by inspecting the rearranged memory blocks; and repeat the rearranging at the expiration of the expected time interval; whereby ROP attacks are mitigated.
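The select, rearrange, wait, repeat cycle from the abstract and claim 1, as an added simulation that is not code from the patent. Assumptions: return-terminated sequences are found by scanning for the x86 `0xC3` byte without disassembly (the claim's three selection categories are not modelled), the expected locate interval uses a simple uniform-search model, and all function names and sample blocks are constructed for illustration.

```python
import random

RET = 0xC3  # x86 near-return opcode; a plain byte scan, no disassembly (simplification)

def select_sequences(blocks, limit, max_len=4):
    """Return up to `limit` (block_id, ret_offset, bytes) entries, each a short
    byte sequence that terminates in a return instruction."""
    picked = []
    for block_id, data in enumerate(blocks):
        for off, byte in enumerate(data):
            if byte == RET and len(picked) < limit:
                picked.append((block_id, off, bytes(data[max(0, off - max_len + 1):off + 1])))
    return picked

def expected_locate_interval(n_blocks, inspections_per_sec):
    """Assumed model: blocks are inspected one at a time in a uniformly random
    layout, so locating one block takes (n + 1) / 2 inspections on average."""
    return (n_blocks + 1) / 2 / inspections_per_sec

def rearrange(base, targets, rng):
    """Draw new permutations of the block bases until every target block moved."""
    slots, new = sorted(base.values()), dict(base)
    while any(new[b] == base[b] for b in targets):
        rng.shuffle(slots)
        new = dict(enumerate(slots))
    return new

def simulate(blocks, limit, inspections_per_sec, duration_s, seed=1):
    """Tick a simulated clock in 1 s steps; rearrange at each interval expiry.
    Returns (interval, per-epoch addresses of the selected return bytes)."""
    rng, size = random.Random(seed), len(blocks[0])
    selected = select_sequences(blocks, limit)
    targets = {b for b, _, _ in selected}
    interval = expected_locate_interval(len(blocks), inspections_per_sec)
    base = {i: i * size for i in range(len(blocks))}  # load order
    epochs, elapsed = [], interval  # forces the initial randomization at load
    for _ in range(duration_s + 1):
        if elapsed >= interval:  # an address learned in this epoch may be known: move it
            base = rearrange(base, targets, rng)
            epochs.append([base[b] + off for b, off, _ in selected])
            elapsed = 0.0
        elapsed += 1.0
    return interval, epochs

# Constructed sample: seven 16-byte blocks; three contain a 0xC3 return byte.
BLOCKS = [bytearray(16) for _ in range(7)]
BLOCKS[1][5:8] = b"\x58\x5b\xc3"
BLOCKS[4][10:12] = b"\x5f\xc3"
BLOCKS[6][0:1] = b"\xc3"
```

Each entry in the returned epoch list holds the addresses of the selected return bytes for one layout, so an address recorded in one epoch no longer points at the same sequence in the next.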
Single storage device · CPC title
Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities · CPC title
Management of blocks · CPC title
in relation to content · CPC title
during program execution, e.g. stack integrity {; Preventing unwanted data erasure; Buffer overflow} · CPC title