Application randomization mechanism
Abstract
An example method includes generating, by a computing system, first unique configuration information, generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component, generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information, and generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
25 Claims
1. A method comprising:
- generating, by a computing system comprising one or more processors, first unique configuration information;
- generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein generating the first unique instance of the software component comprises creating, by the computing system, a first modification to an application binary interface (ABI), wherein the first modification to the ABI comprises a first modification to an operating system kernel ABI that is associated with a first reordering of a system call table, and wherein the first unique instance of the software component uses the first modification to the ABI;
- generating, by the computing system, second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and
- generating, by the computing system and based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein generating the second unique instance of the software component comprises creating, by the computing system, a second modification to the ABI, wherein the first modification to the ABI is different than the second modification to the ABI, wherein the second modification to the ABI comprises a second modification to the operating system kernel ABI that is associated with a second reordering of the system call table, and wherein the second unique instance of the software component uses the second modification to the ABI,
- wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
13. A computer-readable storage device storing instructions that, when executed, cause a computing system comprising one or more processors to perform operations comprising:
- generating first unique configuration information;
- generating, based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein generating the first unique instance of the software component comprises creating a first modification to an application binary interface (ABI), wherein the first modification to the ABI comprises a first modification to an operating system kernel ABI that is associated with a first reordering of a system call table, and wherein the first unique instance of the software component uses the first modification to the ABI;
- generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and
- generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein generating the second unique instance of the software component comprises creating a second modification to the ABI, wherein the first modification to the ABI is different than the second modification to the ABI, wherein the second modification to the ABI comprises a second modification to the operating system kernel ABI that is associated with a second reordering of the system call table, and wherein the second unique instance of the software component uses the second modification to the ABI,
- wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
21. A computing system, comprising:
- one or more processors; and
- a computer-readable storage device communicatively coupled to the one or more processors, wherein the computer-readable storage device stores instructions that, when executed by the one or more processors, cause the one or more processors to:
- generate first unique configuration information;
- generate, based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein as part of causing the one or more processors to generate the first unique instance of the software component, execution of the instructions causes the one or more processors to create a first modification to an application binary interface (ABI), wherein the first modification to the ABI comprises a first modification to an operating system kernel ABI that is associated with a first reordering of a system call table, and wherein the first unique instance of the software component uses the first modification to the ABI;
- generate second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and
- generate, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein as part of causing the one or more processors to generate the second unique instance of the software component, execution of the instructions causes the one or more processors to create a second modification to the ABI, wherein the first modification to the ABI is different than the second modification to the ABI, wherein the second modification to the ABI comprises a second modification to the operating system kernel ABI that is associated with a second reordering of the system call table, and wherein the second unique instance of the software component uses the second modification to the ABI,
- wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
- View Dependent Claims (22, 23, 24, 25)
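The system call table reordering recited in the independent claims can be sketched as follows. This is an added illustration, not code from the patent: the function names, the 8-entry table, the xorshift generator and the configuration values are all assumptions. It derives one syscall numbering per configuration value, forces the second numbering to differ from the first, and counts how many calls reach the wrong handler when a component built for one instance runs against the other instance's table.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NSYS 8  /* toy table size (assumption); real tables have hundreds of entries */

/* xorshift64 step. Stand-in PRNG; a real generator would use a CSPRNG. */
static uint64_t next_rand(uint64_t *s) {
    *s ^= *s << 13; *s ^= *s >> 7; *s ^= *s << 17;
    return *s;
}

/* perm[canonical] = number this instance assigns (Fisher-Yates shuffle). */
void make_abi(uint64_t config, int perm[NSYS]) {
    uint64_t s = config ? config : 1;      /* xorshift state must be nonzero */
    for (int i = 0; i < NSYS; i++) perm[i] = i;
    for (int i = NSYS - 1; i > 0; i--) {
        int j = (int)(next_rand(&s) % (uint64_t)(i + 1));
        int t = perm[i]; perm[i] = perm[j]; perm[j] = t;
    }
}

/* Second instance: bump the configuration value until the ABI differs
   from prev. Returns the configuration value actually used. */
uint64_t make_distinct_abi(uint64_t config, const int prev[NSYS], int perm[NSYS]) {
    for (;; config++) {
        make_abi(config, perm);
        if (memcmp(prev, perm, sizeof(int) * NSYS) != 0) return config;
    }
}

/* Kernel side: table[instance number] = canonical handler index. */
void build_table(const int perm[NSYS], int table[NSYS]) {
    for (int c = 0; c < NSYS; c++) table[perm[c]] = c;
}

/* Count canonical calls that reach the wrong handler when a component
   built against perm runs on a kernel using table. */
int misrouted(const int perm[NSYS], const int table[NSYS]) {
    int n = 0;
    for (int c = 0; c < NSYS; c++) if (table[perm[c]] != c) n++;
    return n;
}

int main(void) {
    int pa[NSYS], pb[NSYS], ta[NSYS], tb[NSYS];
    make_abi(0x1111, pa);                  /* constructed configuration values */
    make_distinct_abi(0x2222, pa, pb);
    build_table(pa, ta); build_table(pb, tb);
    printf("A on A: %d misrouted, A on B: %d misrouted\n",
           misrouted(pa, ta), misrouted(pa, tb));
    return 0;
}
```

A component and the kernel table generated from the same configuration always agree, while any two distinct numberings disagree on at least two calls, so code carrying one instance's syscall numbers does not behave the same way on another instance.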