Timely randomized memory protection

US 10,268,601 B2
Filed: 06/17/2016
Issued: 04/23/2019
Est. Priority Date: 06/17/2016
Status: Active Grant

First Claim

Patent Images

1. In a system executing a program, a method of protecting the program against information leakage attacks, the method comprising:

detecting at runtime one or more input/output calls associated with the program; and

re-randomizing memory associated with the program in response to the one or more input/output calls, wherein re-randomizing the memory comprises generating random stack cookies.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a system executing a program, a method comprises detecting one or more input/output calls associated with the program and re-randomizing memory associated with the program in response to the one or more input/output calls. A related system is also described.

Citations

14 Claims

1. In a system executing a program, a method of protecting the program against information leakage attacks, the method comprising:
- detecting at runtime one or more input/output calls associated with the program; and
  
  re-randomizing memory associated with the program in response to the one or more input/output calls, wherein re-randomizing the memory comprises generating random stack cookies.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein generating the random stack cookies comprises:
    - generating a random master cookie;
      
      storing the master cookie in the memory;
      
      obtaining a stack trace for the program, the stack trace including information about one or more stack frames;
      
      for each of the stack frames, generating a random stack cookie using the master stack cookie; and
      
      for each of the stack frames, storing the stack cookie in the memory.
  - 3. The method of claim 2 further comprising:
    - verifying the random stack cookie for each of the stack frames using the master stack cookie.
  - 4. The method of claim 2 wherein the stack trace includes a memory address for each of the stack frames, and wherein generating a random stack cookie for each of the stack frames comprises performing a logical exclusive disjunction operation (XOR) between the master stack cookie and the corresponding memory address.
  - 5. The method of claim 2 wherein the program comprises a plurality of modules, and wherein generating the random master cookie comprises generating a random master cookie for each of the modules.
  - 6. The method of claim 5 further comprising, for each of the modules:
    - detecting the module being loaded;
      
      determining a memory location of a master cookie associated with the module; and
      
      in response to generating the random master cookie for the module, storing the generated master cookie at the determined memory location.

7. In a system executing a program, a method of protecting the program against information leakage attacks, the method comprising:
- detecting at runtime one or more input/output calls associated with the program; and
  
  re-randomizing memory associated with the program in response to the one or more input/output calls, wherein re-randomizing memory associated with the program comprises re-randomizing heap integrity data by;
  
  generating a random secret key;
  
  storing the random secret key in the memory;
  
  determining a memory location for one or more heap allocations stored in the memory;
  
  for each of the heap allocations, encrypting header information associated with the heap allocation using the secret key; and
  
  for each of the heap allocations, storing the encrypted header information in the memory.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7 further comprising:
    - verifying the encrypted header information for each of the heap allocations using the secret key.
  - 9. The method of claim 8 further comprising:
    - verifying a error-detecting code value for each of the heap allocations.
  - 10. The method of claim 7 further comprising, for each of the heap allocations:
    - generating a random heap cookie;
      
      calculating an error-detecting code value using at least the random heap cookie; and
      
      storing the error-detecting code value in the memory.

11. In a system executing a program, a method of protecting the program against information leakage attacks, the method comprising:
- detecting at runtime one or more input/output calls associated with the program; and
  
  re-randomizing memory associated with the program in response to the one or more input/output calls, wherein re-randomizing memory associated with the program comprises re-randomizing an encrypted function lookup table (FLT).
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11 further comprising:
    - generating the encrypted FLT based on an existing FLT associated with the program, the encrypted FLT having a plurality of code snippets; and
      
      rewriting program code to replace indirect calls to the existing FLT with direct calls to the code snippets.
  - 13. The method of claim 12 wherein each of the code snippets includes instructions to decrypt an encrypted address associated with the code snippet using a secret key and to call a function at the decrypted address associated with the code snippet, and wherein re-randomizing the encrypted FLT comprises:
    - generating a new secret key;
      
      storing the new secret key in memory; and
      
      updating each of the code snippets to use the new secret key.
  - 14. The method of claim 12 wherein re-randomizing the encrypted FLT comprises:
    - changing a memory location of one or more of the code snippets with the encrypted FLT; and
      
      rewriting the program code to call the one or more code snippets at the corresponding changed memory location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Massachusetts Institute of Technology
Original Assignee
Massachusetts Institute of Technology
Inventors
Okhravi, Hamed, Hobson, Thomas R., Bigelow, David O., Rudd, Robert, Perry, David M., Dahl, Kristin S., Streilein, William W.
Primary Examiner(s)
Leibovich, Yair

Application Number

US15/185,370
Publication Number

US 20170364452A1
Time in Patent Office

1,040 Days
Field of Search

714 54
US Class Current
CPC Class Codes

G06F 11/1004   to protect a block of data ...

G06F 11/1048   using arrangements adapted ...

G06F 12/1466   Key-lock mechanism

G06F 21/52   during program execution, e...

G06F 2212/1052   Security improvement

G06F 2212/402   Encrypted data

G06F 2221/033   Test or assess software

H04L 2209/08   Randomization, e.g. dummy o...

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 9/0894   Escrow, recovery or storing...

Timely randomized memory protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Timely randomized memory protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links