公开(公告)号：US20170091454A1

公开(公告)日：2017-03-30

申请号：US14865954

申请日：2015-09-25

申请人： Vadim Sukhomlinov ,  Oleksandr Bazhaniuk ,  Igor Muttik ,  Yuriy Bulygin ,  Alex Nayshtut ,  Andrew A. Furtak

发明人： Vadim Sukhomlinov ,  Oleksandr Bazhaniuk ,  Igor Muttik ,  Yuriy Bulygin ,  Alex Nayshtut ,  Andrew A. Furtak

IPC分类号： G06F21/56

CPC分类号： G06F21/566 ,  G06F21/52 ,  G06F2221/034

摘要： Existing performance monitoring and last branch recording processor hardware may be configured and used for detection of return-oriented and jump-oriented programming exploits with less performance impact that software-only techniques. Upon generation of a performance monitoring interrupt indicating that a predetermined number of mispredicted branches have occurred, the control flow and code may be analyzed to detect a return-oriented or jump-oriented exploit.

公开(公告)号：US20160180085A1

公开(公告)日：2016-06-23

申请号：US14581099

申请日：2014-12-23

申请人： Igor Muttik ,  Alex Nayshtut ,  Yuriy Bulygin ,  Andrew A. Furtak ,  Roman Dementiev

发明人： Igor Muttik ,  Alex Nayshtut ,  Yuriy Bulygin ,  Andrew A. Furtak ,  Roman Dementiev

IPC分类号： G06F21/56 ,  G06F9/46

CPC分类号： G06F9/467 ,  G06F12/1475 ,  G06F21/56 ,  G06F2212/1052

摘要： A technique allows for memory bounds checking for dynamically generated code by using transactional memory support in a processor. The memory bounds checking includes creating output code, identifying read-only memory regions in the output code and creating a map that is provided to a security monitoring thread. The security monitoring thread executes as a transaction and determines if a transactional conflict occurs to the read-only memory region during parallel execution of a monitored thread in the output code.

摘要翻译： 一种技术允许通过在处理器中使用事务内存支持来检查动态生成的代码的内存边界。 存储器边界检查包括创建输出代码，识别输出代码中的只读存储器区域并创建提供给安全监控线程的映射。 安全监视线程作为事务执行，并确定在输出代码中被监视线程的并行执行期间是否只向只读存储器区域发生事务冲突。