Systems and methods for reliably injecting control flow integrity into binaries by tokenizing return addresses
US11500982B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Aug 15, 2019 |
| Grant date | Nov 15, 2022 |
| Priority date | — |
| Expiry date | Dec 3, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F11/1438
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Systems and methods of modifying a program binary by injecting code into a function of a program binary that tokenizes the return address of the function. The tokenization of the return address improves the robustness of the program binary against cyberattacks. For example, an attacker's attempt to hijack program flow before a function return will fail since any return address modified by the adversary will be tokenized (e.g., using a binary operation such as an XOR) resulting in an unusable address that will cause the system to crash. One advantage of the improved CFI consumes less average overhead and does not require all of the complications of the conventional CFI systems. In some embodiments, the tokenization includes applying a binary operation on a randomly-generated token and the return address. The token can be generated at transform time, load time, or run time.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.