Invention Grant
US08397082B2 System and method for thwarting buffer overflow attacks using encrypted process pointers
失效
使用加密处理指针阻止缓冲区溢出攻击的系统和方法
- Patent Title: System and method for thwarting buffer overflow attacks using encrypted process pointers
- Patent Title (中): 使用加密处理指针阻止缓冲区溢出攻击的系统和方法
-
Application No.: US12895213Application Date: 2010-09-30
-
Publication No.: US08397082B2Publication Date: 2013-03-12
- Inventor: Walter Clark Milliken
- Applicant: Walter Clark Milliken
- Applicant Address: US NJ Basking Ridge US MA Cambridge
- Assignee: Verizon Corporate Services Group Inc.,Raytheon BBN Technologies Corp.
- Current Assignee: Verizon Corporate Services Group Inc.,Raytheon BBN Technologies Corp.
- Current Assignee Address: US NJ Basking Ridge US MA Cambridge
- Main IPC: G06F12/14
- IPC: G06F12/14 ; G06F11/30 ; H04L9/32

Abstract:
A method (200) and program (100) for inhibiting attack upon a computer (120) is provided. The address (104) of a process (106) is produced (612), and encrypted (616) to produce an encrypted address (518), which is then stored in memory (128). When needed, the encrypted address (518) is retrieved (702) from memory (128) and decrypted (704) to reproduce the original process address (104). The reproduced process address (104) is then verified (708). If the process address (104) is determined (708) to be valid, i.e., there was no attack, then the process address (104) is placed (712) in the program counter (318), and a valid process (106) is executed. If the process address (104) is determined (708) to be invalid, i.e., there was an attack, then the address (108) of a crash and terminate process (110) is placed (716) in the program counter (318) and the computer (120) crashes. A nonce value (512) may be generated (602) and encrypted (616) and decrypted (704) in conjunction with the process address (104). The nonce value (512) may then be verified (710) independently, thereby increasing security.
Public/Granted literature
- US20110022855A1 SYSTEM AND METHOD FOR THWARTING BUFFER OVERFLOW ATTACKS USING ENCRYPTED PROCESS POINTERS Public/Granted day:2011-01-27
Information query