发明名称 | System and method for retrofitting application code | ||
摘要 | Disclosed is a system and method for retrofitting defensive technology that transforms potentially dangerous computer programs into safe programs. The present disclosure involves applying software rewriting and/or randomization algorithms to monitored application launches and/or API calls. The present disclosure provides systems and methods for understanding and manipulating how untrusted software will behave upon execution, thereby thwarting any chance the untrusted software could launch and/or institute a weaponized malicious software attack. The present disclosure can apply a light-weight binary rewriting and in-lining system to tame and secure untrusted binary programs. The disclosed systems and methods can also implement binary stirring by imbuing native code of software with the ability to self-randomize its instruction addresses each time it is launched. | ||
申请公布号 | US9202044(B2) | 申请公布日期 | 2015.12.01 |
申请号 | US201314086179 | 申请日期 | 2013.11.21 |
申请人 | The Board of Regents, The University of Texas System | 发明人 | Hamlen Kevin William |
分类号 | H04L25/49;G06F21/51;G06F21/57;G06F21/54 | 主分类号 | H04L25/49 |
代理机构 | Greenberg Traurig, LLP | 代理人 | Greenberg Traurig, LLP ;Garsson Ross Spencer |
主权项 | 1. A method comprising: (a) receiving, at a computing device, a request to launch a program; (b) identifying, via the computing device, binary code associated with the requested program; (c) rewriting, via the computing device, the binary code, (i) said rewriting comprising disassembling the binary code to identify a set of known targets within the code, (ii) said rewriting further comprising applying a policy to the binary code to restrict actions of the code upon execution of the program; (d) verifying, via the computing device, the rewritten binary code, said verification comprises certifying said rewritten binary is compliant with said policy; (e) launching, via the computing device, said program based upon said rewritten binary, said launching comprising execution of said program at a load-time; and (f) rearranging, via the computing device, the binary code of the program, (i) said rearranging occurring at said load-time, (ii) said rearranging comprising stirring the binary code by randomly organizing an internal layout of the binary code in response to said launching. | ||
地址 | Austin TX US |