METHOD AND APPARATUS FOR DETECTING INTRUSIONS IN A COMPUTER SYSTEM
First Claim
Patent Images
1. A method, comprising:
- calculating a first checksum from first bits representative of instructions in a block of a program concurrently with executing the instructions; and
issuing a security exception in response to determining that the first checksum differs from a second checksum calculated prior to execution of the block using second bits representative of instructions in the block when the second checksum is calculated.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides a method and apparatus for detecting intrusions in a processor-based system. One embodiment of the method includes calculating a first checksum from first bits representative of instructions in a block of a program concurrently with executing the instructions. This embodiment of the method also includes issuing a security exception in response to determining that the first checksum differs from a second checksum calculated prior to execution of the block using second bits representative of instructions in the block when the second checksum is calculated.
30 Citations
25 Claims
-
1. A method, comprising:
-
calculating a first checksum from first bits representative of instructions in a block of a program concurrently with executing the instructions; and issuing a security exception in response to determining that the first checksum differs from a second checksum calculated prior to execution of the block using second bits representative of instructions in the block when the second checksum is calculated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method, comprising:
-
generating a table comprising entries that are indexed by addresses associated with blocks of a program, wherein each entry of the table includes a checksum calculated using bits representative of instructions in the block; and comparing values of the entries in the table with checksums generated by a processor-based system concurrently with the processor-based system executing the corresponding block of the program. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. An apparatus, comprising:
-
means for calculating a first checksum from first bits representative of instructions in a block of a program concurrently with executing the instructions; and means for issuing a security exception in response to determining that the first checksum differs from a second checksum calculated prior to execution of the block using second bits representative of instructions in the block when the second checksum is calculated. - View Dependent Claims (17)
-
-
18. A computer readable storage medium encoded with instructions that, when executed by a processor-based system, cause the processor-based system to:
-
calculate a first checksum from bits representative of instructions in a block of a program concurrently with executing the instructions; and issue a security exception in response to determining that the first checksum differs from a second checksum calculated prior to execution of the block using bits representative of instructions in the block. - View Dependent Claims (19)
-
-
20. A processor-based system, comprising:
-
at least one processor configured to calculate a first checksum from bits representative of instructions in a block of a program concurrently with executing the instructions; a first register for storing the first checksum; and a second register for storing a value of a second checksum calculated prior to execution of the block using bits representative of instructions in the block, wherein said at least one processor is configured to issue a security exception in response to determining that the first checksum is different than the second checksum. - View Dependent Claims (21, 22, 23, 24, 25)
-
Specification