| 发明名称 |
Data Flow Tracking Via Memory Monitoring |
| 摘要 |
Methods and devices for tracking data flows in a computing device include monitoring memory in a hardware component of the computing device to identify a read operation that reads information from a tainted memory address, using heuristics to identify a first, second, and third number of operations performed after the identified read operation, marking memory addresses of write operations performed after first number of operations and before the second number of operations as tainted, and marking memory addresses of write operations performed after the third number of operations and before the second number of operations as untainted. |
| 申请公布号 |
US2016217029(A1) |
申请公布日期 |
2016.07.28 |
| 申请号 |
US201514607251 |
申请日期 |
2015.01.28 |
| 申请人 |
QUALCOMM Incorporated |
发明人 |
Yoon Man Ki;Salajegheh Mastooreh;Christodorescu Mihai;Chen Yin;Sridhara Vinay;Gupta Rajarshi |
| 分类号 |
G06F11/07;G06F9/54 |
主分类号 |
G06F11/07 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of tracking data flows in a computing device, comprising:
monitoring memory to identify a read operation that reads information from a tainted memory address; determining an offset value (O) that identifies a first number of operations performed after the identified read operation, a monitoring window value (M) that identifies a second number of operations performed after the first number of operations, and an upper boundary value (N) that identifies a third number of operations performed after the first number of operations; monitoring operations until one of:
M operations are performed; andN write operations to untainted addresses are identified; marking memory addresses associated with identified write operations as tainted; and marking memory addresses associated with write operations performed after the Nth operation and memory addresses associated with write operations performed after the Mth operation as untainted. |
| 地址 |
San Diego CA US |
