主权项 |
1. A method comprising:
(a) receiving, at a computing device, a request to launch a program; (b) identifying, via the computing device, binary code associated with the requested program; (c) rewriting, via the computing device, the binary code, (i) said rewriting comprising disassembling the binary code to identify a set of known targets within the code, (ii) said rewriting further comprising applying a policy to the binary code to restrict actions of the code upon execution of the program; (d) verifying, via the computing device, the rewritten binary code, said verification comprises certifying said rewritten binary is compliant with said policy; (e) launching, via the computing device, said program based upon said rewritten binary, said launching comprising execution of said program at a load-time; and (f) rearranging, via the computing device, the binary code of the program, (i) said rearranging occurring at said load-time, (ii) said rearranging comprising stirring the binary code by randomly organizing an internal layout of the binary code in response to said launching. |