Title of invention: SOFTWARE SECURITY VIA CONTROL FLOW INTEGRITY CHECKING
Abstract: Various technologies related to control flow integrity checking are described herein and can be used to greatly improve software security. During static analysis, a canonical control flow graph can be built. Execution of a program can be interrupted at runtime, and the call stack can be observed to verify control flow integrity of the program using the canonical control flow graph. Attacks using stack tampering can be avoided, regardless of how the stack tampering is achieved. Non-invasive techniques can be used, making the technologies applicable in situations where source code is not available. Real-time operating system protection can be supported.
Publication number: US2016300060(A1) Publication date: 2016.10.13
Application number: US201314060506 Filing date: 2013.10.22
Applicant: Galois, Inc. Inventors: Pike Lee;Hickey Patrick Christopher;Tomb Aaron;Mertens Eric
Classification: G06F21/55;G06F17/30 Main classification: G06F21/55
Agency: Agent:
Main claim: 1. A method implemented at least in part by a computing device, the method comprising: storing a canonical control flow graph indicating possible ordinary execution paths for a program; observing a stack during execution of the program, wherein the observing comprises determining contents of the stack; comparing the contents of the stack with the canonical control flow graph, wherein the comparing comprises determining whether the contents of the stack indicate an execution path not appearing in the possible ordinary execution paths; and responsive to determining that the contents of the stack indicate the execution path not appearing in the possible ordinary execution paths, taking action avoiding further execution of the program.
Address: Portland OR US
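Added illustration (not taken from the patent or from Galois code) of the store / observe / compare / act sequence in the main claim, reduced to a call-graph edge check over a stack snapshot. The function ids, the `allowed` table layout, the sample stacks and the name `cfi_check_stack` are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical function ids. A real monitor would first map each return
 * address found on the stack to the function that contains it. */
enum fn { FN_MAIN, FN_READ_SENSOR, FN_FILTER, FN_SEND, FN_ERASE_FLASH, FN_COUNT };

/* Canonical call graph from static analysis (constructed for this example):
 * allowed[caller][callee] is 1 when that call appears in the program. */
static const unsigned char allowed[FN_COUNT][FN_COUNT] = {
    [FN_MAIN]        = { [FN_READ_SENSOR] = 1, [FN_SEND] = 1 },
    [FN_READ_SENSOR] = { [FN_FILTER] = 1 },
};

/* Constructed stack snapshots, outermost frame first. */
static const enum fn sample_ok[]       = { FN_MAIN, FN_READ_SENSOR, FN_FILTER };
static const enum fn sample_tampered[] = { FN_MAIN, FN_READ_SENSOR, FN_ERASE_FLASH };
static const enum fn sample_bad_root[] = { FN_FILTER };

/* Returns -1 when every caller->callee pair on the stack is an edge of the
 * canonical graph, otherwise the index of the first frame that is not
 * reachable that way (0 for an empty stack or a wrong entry point). */
int cfi_check_stack(const enum fn *stack, size_t depth)
{
    if (depth == 0 || stack[0] != FN_MAIN)
        return 0;
    for (size_t i = 1; i < depth; i++) {
        if ((unsigned)stack[i] >= FN_COUNT)      /* unknown function id */
            return (int)i;
        if (!allowed[stack[i - 1]][stack[i]])    /* edge not in the graph */
            return (int)i;
    }
    return -1;
}

int main(void)
{
    int bad = cfi_check_stack(sample_tampered, 3);
    printf("ok stack: %d\n", cfi_check_stack(sample_ok, 3));
    if (bad >= 0)   /* the claim's final step: stop the program */
        printf("frame %d not in canonical graph: halting task\n", bad);
    return 0;
}
```

The check depends only on the observed stack contents, so it flags the bad frame whatever mechanism overwrote the return address.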