Methods, devices, and systems for detecting return-oriented programming exploits

A technology for processing devices and memory systems, applied in memory systems, error detection/correction, computer security devices, etc.

Active Publication Date: 2014-07-23
QUALCOMM INC
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This type of attack is successful because code and data addresses are predictable in most systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Methods, devices, and systems for detecting return-oriented programming exploits
  • Methods, devices, and systems for detecting return-oriented programming exploits
  • Methods, devices, and systems for detecting return-oriented programming exploits

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In the following description, reference is made to the accompanying drawings, in which are shown by way of illustration specific examples in which the invention may be practiced. The examples are intended to describe aspects of the invention in sufficient detail to enable one skilled in the art to practice one or more of the described features. Other features may be utilized and changes may be made to the disclosed examples without departing from the scope of the invention. The following detailed description should not be taken in a limiting sense, and the scope is defined only by the appended claims.

[0026]The term "data" is used interchangeably herein to refer to computing instructions usable by a processor and data manipulable by the processor. The context in which the term "data" is used should be such that it is obvious when "data" refers to instructions. Instructions may be specifically referred to as instructions or instruction data, where appropriate.

[00...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Methods, devices, and systems for detecting return-oriented programming (ROP) exploits are disclosed. A system includes a processor, a main memory, and a cache memory. A cache monitor develops an instruction loading profile by monitoring accesses to cached instructions found in the cache memory and misses to instructions not currently in the cache memory. A remedial action unit terminates execution of one or more of the valid code sequences if the instruction loading profile is indicative of execution of an ROP exploit involving one or more valid code sequences. The instruction loading profile may be a hit / miss ratio derived from monitoring cache hits relative to cache misses. The ROP exploits may include code snippets that each include an executable instruction and a return instruction from valid code sequences.

Description

technical field [0001] One feature relates generally to detecting malicious code in software systems, and more particularly to methods and apparatus for detecting return-oriented programming attacks in software systems. Background technique [0002] Computing systems that execute software are experiencing an increasing number of attacks from attackers, commonly referred to as hackers. These attackers have discovered ways to insert malicious code into a computing system and then cause the computing system to execute the malicious code. Malicious code can perform many different actions, such as causing a computing system to run slower than normal, monitoring activity on a computing system, causing a computing system to transmit or receive information that a user may not intend to transmit, destroying data in persistent and non-persistent memory, and crash the computing system. [0003] An attack mechanism, sometimes referred to as a return-oriented programming (ROP) attack, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/52
CPCG06F21/52G06F11/3037G06F11/3466G06F12/0811G06F12/0848G06F12/0875G06F12/14G06F21/554G06F21/566G06F2212/452
Inventor 丹尼尔·科马罗米亚历克斯·甘特曼布莱恩·M·罗森贝格阿伦·巴拉克里沙南伦威·格格雷戈里·G·罗丝阿南德·帕拉尼古德
Owner QUALCOMM INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap