Application randomization mechanism

US 10,402,179 B1
Filed: 06/22/2018
Issued: 09/03/2019
Est. Priority Date: 12/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

generating, by a computing system comprising one or more processors, first unique configuration information;

generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein the computing system creates a first modification to an operating system kernel application binary interface (ABI) as part of generating the first unique instance of the software component, and wherein the first unique instance of the software component uses the first modification to the operating system kernel ABI;

generating, by the computing system, second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and

generating, by the computing system and based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein the computing system creates a second modification to the operating system kernel ABI as part of generating the second unique instance of the software component, wherein the first modification to the operating system kernel ABI is different than the second modification to the operating system kernel ABI, and wherein the second unique instance of the software component uses the second modification to the operating system kernel ABI,wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An example method includes generating, by a computing system, first unique configuration information, generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component, generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information, and generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.

53 Citations

View as Search Results

20 Claims

1. A method comprising:
- generating, by a computing system comprising one or more processors, first unique configuration information;
  
  generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein the computing system creates a first modification to an operating system kernel application binary interface (ABI) as part of generating the first unique instance of the software component, and wherein the first unique instance of the software component uses the first modification to the operating system kernel ABI;
  
  generating, by the computing system, second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and
  
  generating, by the computing system and based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein the computing system creates a second modification to the operating system kernel ABI as part of generating the second unique instance of the software component, wherein the first modification to the operating system kernel ABI is different than the second modification to the operating system kernel ABI, and wherein the second unique instance of the software component uses the second modification to the operating system kernel ABI,wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1,wherein the software component comprises a component that includes one of an application, a library, or an operating system kernel,wherein the first unique instance of the software component comprises a first instance of the component, andwherein the second unique instance of the software component comprises a second instance of the component.
  - 3. The method of claim 1,wherein generating the first unique instance of the software component comprises using, by the computing system, the first unique configuration information and source code to generate the first unique instance of the software component, andwherein generating the second unique instance of the software component comprises using, by the computing system, the second unique configuration information and the source code to generate the second unique instance of the software component, such that the first and second unique instances of the software component are each generated based on the source code.
  - 4. The method of claim 1, further comprising:
    - generating, by the computing system, intermediate representation bitcode based on binary information that is associated with the software component,wherein generating the first unique instance of the software component comprises using, by the computing system, the first unique configuration information and the intermediate representation bitcode to generate the first unique instance of the software component, andwherein generating the second unique instance of the software component comprises using, by the computing system, the second unique configuration information and the intermediate representation bitcode to generate the second unique instance of the software component, such that the first and second unique instances of the software component are each generated based on the intermediate representation bitcode.
  - 5. The method of claim 1,wherein the first modification to the operating system kernel ABI comprises a first modification to at least one of function calling conventions, function return value settings, or source code segment reordering used the first unique instance of the software component, andwherein the second modification to the operating system kernel ABI comprises a second modification to the at least one of function calling conventions, function return value settings, or source code segment reordering used by the second unique instance of the software component.
  - 6. The method of claim 1, wherein the computing system and the runtime computing system comprise the same computing system.
  - 7. The method of claim 1, wherein the first and second unique instances of the software component are each further configured, during execution on the runtime computing system, to output false information to an external computing system.
  - 8. The method of claim 7, wherein the false information comprises false configuration information associated with the runtime computing system.
  - 9. The method of claim 1,wherein the first unique instance of the software component comprises a first ephemeral virtual machine that is configured to service one or more requests from a first client that is external to the runtime computing system, andwherein the second unique instance of the software component comprises a second ephemeral virtual machine that is configured to service one or more requests from a second client that is external to the runtime computing system.
  - 10. The method of claim 1, further comprising:
    - receiving, by the computing system, one or more configuration settings,wherein generating the first unique instance of the software component is further based on the one or more configuration settings.
  - 11. The method of claim 10, wherein generating the first unique instance of the software component based on the one or more configuration settings comprises:
    - generating randomized configuration information based on the one or more configuration settings; and
      
      generating the first unique instance of the software component based on the randomized configuration information.
  - 12. The method of claim 1,wherein the first unique configuration information comprises a first configuration specification that includes first unique binary data, andwherein the second unique configuration information comprises a second configuration specification that includes second unique binary data.

13. A computer-readable storage device storing instructions that, when executed, cause a computing system comprising one or more processors to perform operations comprising:
- generating first unique configuration information;
  
  generating, based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein execution of the instructions causes the computing system to create a first modification to an operating system kernel application binary interface (ABI) as part of generating the first unique instance of the software component, and wherein the first unique instance of the software component uses the first modification to the operating system kernel ABI;
  
  generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and
  
  generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein execution of the instructions causes the computing system to create a second modification to the operating system kernel ABI as part of generating the second unique instance of the software component, wherein the first modification to the operating system kernel ABI is different than the second modification to the operating system kernel ABI, and wherein the second unique instance of the software component uses the second modification to the operating system kernel ABI,wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
- View Dependent Claims (14)
- - 14. The computer-readable storage device of claim 13,wherein the first modification to the operating system kernel ABI comprises a first modification to at least one of function calling conventions, function return value settings, or source code segment reordering used the first unique instance of the software component, andwherein the second modification to the operating system kernel ABI comprises a second modification to the at least one of function calling conventions, function return value settings, or source code segment reordering used by the second unique instance of the software component.

15. A computing system, comprising:
- one or more processors; and
  
  a computer-readable storage device communicatively coupled to the one or more processors, wherein the computer-readable storage device stores instructions that, when executed by the one or more processors, cause the one or more processors to;
  
  generate first unique configuration information;
  
  generate, based on the first unique configuration information, a first unique instance of a software component that is executable on a runtime computing system, wherein as part of causing the one or more processors to generate the first unique instance of the software component, execution of the instructions causes the one or more processors to create a first modification to an operating system kernel application binary interface (ABI), and wherein the first unique instance of the software component uses the first modification to the operating system kernel ABI;
  
  generate second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information; and
  
  generate, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system, wherein as part of causing the one or more processors to generate the second unique instance of the software component, execution of the instructions causes the one or more processors to create a second modification to the operating system kernel ABI, wherein the first modification to the operating system kernel ABI is different than the second modification to the operating system kernel ABI, and wherein the second unique instance of the software component uses the second modification to the operating system kernel ABI,wherein the first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computing system of claim 15,wherein the first modification to the operating system kernel ABI comprises a first modification to at least one of function calling conventions, function return value settings, or source code segment reordering used the first unique instance of the software component, andwherein the second modification to the operating system kernel ABI comprises a second modification to the at least one of function calling conventions, function return value settings, or source code segment reordering used by the second unique instance of the software component.
  - 17. The computing system of claim 15,wherein the instructions stored by the computer-readable storage device that cause the one or more processors to generate the first unique instance of the software component comprise instructions that cause the one or more processors to use the first unique configuration information and source code to generate the first unique instance of the software component, andwherein the instructions stored by the computer-readable storage device that cause the one or more processors to generate the second unique instance of the software component comprise instructions that cause the one or more processors to use the second unique configuration information and the source code to generate the second unique instance of the software component, such that the first and second unique instances of the software component are each generated based on the source code.
  - 18. The computing system of claim 15, wherein the instructions stored by the computer-readable storage device further cause the one or more processors to:
    - generate intermediate representation bitcode based on binary information that is associated with the software component,wherein the instructions stored by the computer-readable storage device that cause the one or more processors to generate the first unique instance of the software component comprise instructions that cause the one or more processors to use the first unique configuration information and the intermediate representation bitcode to generate the first unique instance of the software component, andwherein the instructions stored by the computer-readable storage device that cause the one or more processors to generate the second unique instance of the software component comprise instructions that cause the one or more processors to use the second unique configuration information and the intermediate representation bitcode to generate the second unique instance of the software component, such that the first and second unique instances of the software component are each generated based on the intermediate representation bitcode.
  - 19. The computing system of claim 15, wherein the computing system and the runtime computing system comprise the same computing system.
  - 20. The computing system of claim 15, wherein the first and second unique instances of the software component are each further configured, during execution on the runtime computing system, to output false information to an external computing system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Architecture Technology Corporation
Original Assignee
Architecture Technology Corporation
Inventors
Powers, Judson, Joyce, Robert A.
Primary Examiner(s)
Truong, Lechi

Application Number

US16/015,529
Time in Patent Office

438 Days
Field of Search

719310
US Class Current
CPC Class Codes

G06F 21/14   against software analysis o...

G06F 21/57   Certifying or maintaining t...

G06F 8/30   Creation or generation of s...

G06F 8/37   Compiler construction; Pars...

G06F 8/41   Compilation

G06F 8/52   Binary to binary

G06F 8/71   Version control security ar...

G06F 9/44568   Immediately runnable code

G06F 9/54   Interprogram communication

Application randomization mechanism

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Application randomization mechanism

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links