Patent · US Active

Randomized canary and shadow stack for JIT-ROP defense

US11372969B1 · kind B1 · utility

3 Cited by
2 References
29 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Sep 17, 2021
Grant date: Jun 28, 2022
Priority date
Expiry date: Sep 17, 2041

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/602
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Improved systems and methods of providing computer security and countering attacks on computing systems by protecting control data such as a return address from being disclosed or modified. A stack canary is enhanced with randomization to prevent brute-force attacks and information leakage, providing a more effective sentinel to detect attempts to overwrite a return address on the stack. A shadow stack is enhanced with concealment of the return address from the stack, encoding of the return address in memory, and replacement of the real return address with a substitute value to detect attempted manipulation of the return address on the call stack and prevent it from succeeding. By enhancing randomization of the stack canary and using a shadow stack to encode and conceal the return address, the disclosed technology enhances security of a computing system against stack smashing, ROP attacks, and JIT-ROP attacks.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.