Security method for detecting intrusions that exploit misinterpretation of supplied data
US8819822B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 30, 2006 |
| Grant date | Aug 26, 2014 |
| Priority date | — |
| Expiry date | Jul 31, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/562
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Mechanisms have been developed for securing computational systems against certain forms of attack. In particular, it has been discovered that, by scanning an input string for subsequences contained therein and configuring the computational system to generate a fault (or other triggered event) coincident with access to a memory location corresponding to one or more possible interpretations of data contained in the input string, it is possible to detect and/or interdict many forms of attack. For example, some realizations may scan for subsequences susceptible to interpretation as valid, canonical addresses, or as addresses in ranges that contain code, the stack, the heap, and/or system data structures such as the global offset table. Some realizations may scan for subsequences susceptible to interpretation as format strings or as machine code or code (source or otherwise) that could be executed in an execution environment (such as a Java™ virtual machine) or compiled for execution.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.