[go: up one dir, main page]

MX2018013818A - Metodo y aparato para comprobacion ejecutable dinamica. - Google Patents

Metodo y aparato para comprobacion ejecutable dinamica.

Info

Publication number
MX2018013818A
MX2018013818A MX2018013818A MX2018013818A MX2018013818A MX 2018013818 A MX2018013818 A MX 2018013818A MX 2018013818 A MX2018013818 A MX 2018013818A MX 2018013818 A MX2018013818 A MX 2018013818A MX 2018013818 A MX2018013818 A MX 2018013818A
Authority
MX
Mexico
Prior art keywords
functions
subset
dev
dynamic testing
executable
Prior art date
Application number
MX2018013818A
Other languages
English (en)
Other versions
MX391018B (es
Inventor
Aaron Anderson Lex
Original Assignee
Arris Entpr Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Arris Entpr Llc filed Critical Arris Entpr Llc
Publication of MX2018013818A publication Critical patent/MX2018013818A/es
Publication of MX391018B publication Critical patent/MX391018B/es

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2228Indexing structures
    • G06F16/2255Hash tables
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/125Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44521Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

Se describe un método y aparato para Comprobación Ejecutable Dinámica (DEV) que incluye un prefijo aleatorio de funciones de una aplicación binaria, una función de comprobación para al menos un subconjunto de las funciones y una tabla de saltos para al menos un subconjunto de las funciones. DEV proporciona protección de integridad dinámica de bajo impacto para aplicaciones que son compatibles con métodos estándar de firma y verificación de códigos, y garantiza que el software no pueda ser manipulado de forma estática o dinámica sin detección.
MX2018013818A 2016-05-09 2017-05-09 Metodo y aparato para comprobacion ejecutable dinamica. MX391018B (es)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201662333332P 2016-05-09 2016-05-09
US15/589,976 US10503931B2 (en) 2016-05-09 2017-05-08 Method and apparatus for dynamic executable verification
PCT/US2017/031652 WO2017196777A1 (en) 2016-05-09 2017-05-09 Method and apparatus for dynamic executable verification

Publications (2)

Publication Number Publication Date
MX2018013818A true MX2018013818A (es) 2019-07-04
MX391018B MX391018B (es) 2025-03-21

Family

ID=60243529

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2018013818A MX391018B (es) 2016-05-09 2017-05-09 Metodo y aparato para comprobacion ejecutable dinamica.

Country Status (7)

Country Link
US (1) US10503931B2 (es)
EP (1) EP3455764B1 (es)
CN (1) CN109313677B (es)
AU (1) AU2017262658B2 (es)
CA (1) CA3023939C (es)
MX (1) MX391018B (es)
WO (1) WO2017196777A1 (es)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10938855B1 (en) * 2017-06-23 2021-03-02 Digi International Inc. Systems and methods for automatically and securely provisioning remote computer network infrastructure
EP3506100A1 (en) 2017-12-28 2019-07-03 GuardSquare NV Automated software application verification system
EP3748528A1 (en) * 2018-02-02 2020-12-09 NEC Corporation Information processing device, information processing method, and recording medium
EP3696698A1 (en) * 2019-02-18 2020-08-19 Verimatrix Method of protecting a software program against tampering
CN112668004B (zh) * 2019-10-16 2022-06-21 武汉斗鱼网络科技有限公司 一种基于llvm的函数校验方法及相关装置
WO2021222306A1 (en) 2020-04-27 2021-11-04 Arris Enterprises Llc Cloud-based dynamic executable verification
US12124565B2 (en) * 2021-03-19 2024-10-22 Adobe Inc. Tamper detection for executable applications
US11615181B2 (en) 2021-03-30 2023-03-28 Netapp, Inc. Methods for managing verification and validation of third-party code and devices thereof
US11586725B2 (en) * 2021-03-30 2023-02-21 Netapp, Inc. Methods for managing verification and validation of third-party code and devices thereof
US11799857B2 (en) * 2021-08-31 2023-10-24 Cisco Technology, Inc. Software posture for zero trust access
DE102021214183B3 (de) * 2021-12-13 2023-05-17 Continental Automotive Technologies GmbH Verfahren und Prozessorschaltung zum Absichern eines Codes gegen Manipulationen einer Anwendungssoftware, sowie Kraftfahrzeug-Steuergerät und Kraftfahrzeug mit einem solchen Steuergerät

Family Cites Families (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5799186A (en) * 1990-12-20 1998-08-25 Eastman Kodak Company Method and apparatus for programming a peripheral processor with a serial output memory device
US5903718A (en) * 1996-09-16 1999-05-11 International Business Machines Corporation Remote program monitor method and system using a system-under-test microcontroller for self-debug
US6411392B1 (en) * 1998-04-15 2002-06-25 Massachusetts Institute Of Technology Method and apparatus for data hiding in printed images
US7409546B2 (en) * 1999-10-20 2008-08-05 Tivo Inc. Cryptographically signed filesystem
US7650504B2 (en) * 1999-07-22 2010-01-19 Macrovision Corporation System and method of verifying the authenticity of dynamically connectable executable images
US7430670B1 (en) 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
FR2832824A1 (fr) * 2001-11-28 2003-05-30 St Microelectronics Sa Blocage du fonctionnement d'un circuit integre
AU2002348969A1 (en) * 2002-11-08 2004-06-07 Nokia Corporation Software integrity test in a mobile telephone
JP2004297792A (ja) * 2003-03-13 2004-10-21 Ricoh Co Ltd 画像形成装置及び機能キー割り付け方法
JP2004348677A (ja) * 2003-05-26 2004-12-09 Sony Corp プログラムおよび情報処理方法
US7984304B1 (en) * 2004-03-02 2011-07-19 Vmware, Inc. Dynamic verification of validity of executable code
US7774596B2 (en) * 2005-02-02 2010-08-10 Insyde Software Corporation System and method for updating firmware in a secure manner
CN100594509C (zh) * 2005-02-11 2010-03-17 辛普雷克斯梅杰有限公司 软件保护方法
US8555061B2 (en) * 2005-05-13 2013-10-08 Microsoft Corporation Transparent code
US20070028217A1 (en) * 2005-07-29 2007-02-01 Microsoft Corporation Testing software using verification data defined independently of the testing code
US9274974B1 (en) * 2005-10-21 2016-03-01 Vmware, Inc. Isolating data within a computer system using private shadow mappings
US7757215B1 (en) 2006-04-11 2010-07-13 Oracle America, Inc. Dynamic fault injection during code-testing using a dynamic tracing framework
US8763115B2 (en) * 2007-08-08 2014-06-24 Vmware, Inc. Impeding progress of malicious guest software
EP2196936A4 (en) * 2007-10-05 2012-05-02 Panasonic Corp SAFE START-UP END UNIT, SAFE START-UP PROCEDURE, SAFE STARTER PROGRAM, RECORDING MEDIA AND INTEGRATED CIRCUIT
US8667597B2 (en) 2008-06-25 2014-03-04 Lockheed Martin Corporation Systems, methods, and products for secure code execution
JP5206263B2 (ja) * 2008-09-12 2013-06-12 株式会社リコー 情報処理装置、ライセンス判定方法、及びプログラム
US8671077B2 (en) * 2008-11-06 2014-03-11 Deluxe Digital Studios, Inc. Methods, systems and apparatuses for use in updating a portable storage medium
WO2010127438A1 (en) * 2009-05-06 2010-11-11 Irdeto Canada Corporation Interlocked binary protection using whitebox cryptography
CN101650664B (zh) * 2009-06-30 2012-06-27 飞天诚信科技股份有限公司 链接方法和链接器
KR101457355B1 (ko) * 2009-12-22 2014-11-04 인텔 코포레이션 보안 애플리케이션 실행을 제공하는 방법 및 장치
US10339575B2 (en) * 2010-03-05 2019-07-02 International Business Machines Corporation Method and system for provenance tracking in software ecosystems
US8458798B2 (en) * 2010-03-19 2013-06-04 Aspect Security Inc. Detection of vulnerabilities in computer systems
US20120260106A1 (en) * 2011-04-07 2012-10-11 Apple Inc. System and method for binary layout randomization
US8955149B1 (en) * 2011-12-06 2015-02-10 Amazon Technologies, Inc. Impersonation authorizations
US9098627B2 (en) * 2013-03-06 2015-08-04 Red Hat, Inc. Providing a core dump-level stack trace
US9600397B2 (en) * 2013-08-29 2017-03-21 Stmicroelectronics (Grenoble 2) Sas Dynamic debugging method of a software module and corresponding device
CN104573490A (zh) * 2013-10-29 2015-04-29 桂林电子科技大学 Android平台上已安装软件保护方法
US20150186649A1 (en) * 2013-12-31 2015-07-02 Cincinnati Bell, Inc. Function Fingerprinting
US9292367B2 (en) * 2014-04-08 2016-03-22 Microsoft Corporation Efficient migration of client-side web state
US9110737B1 (en) * 2014-05-30 2015-08-18 Semmle Limited Extracting source code
US9361102B2 (en) * 2014-06-09 2016-06-07 Lehigh University Methods for enforcing control flow of a computer program
US9390260B2 (en) * 2014-06-09 2016-07-12 Lehigh University Methods for enforcing control flow of a computer program
EP3021216A1 (en) * 2014-11-14 2016-05-18 Semmle Limited Incremental source code analysis
US10048960B2 (en) * 2014-12-17 2018-08-14 Semmle Limited Identifying source code used to build executable files
WO2016123237A1 (en) 2015-01-27 2016-08-04 Arris Enterprises, Inc. Obfuscation for protection of streaming media and other data flows
US9953158B1 (en) * 2015-04-21 2018-04-24 Symantec Corporation Systems and methods for enforcing secure software execution
CN104778923B (zh) * 2015-04-28 2016-06-01 京东方科技集团股份有限公司 一种像素电路及其驱动方法、显示装置
US20160321064A1 (en) * 2015-05-01 2016-11-03 Quixey, Inc. Developer Exchange System
US9953167B2 (en) * 2015-10-12 2018-04-24 Microsoft Technology Licensing, Llc Trusted platforms using minimal hardware resources
US10341409B2 (en) * 2016-05-09 2019-07-02 International Business Machines Corporation Software version control without affecting a deployed container

Also Published As

Publication number Publication date
CA3023939C (en) 2021-02-09
CA3023939A1 (en) 2017-11-16
US10503931B2 (en) 2019-12-10
AU2017262658A1 (en) 2019-01-03
EP3455764B1 (en) 2020-01-29
CN109313677A (zh) 2019-02-05
EP3455764A1 (en) 2019-03-20
MX391018B (es) 2025-03-21
WO2017196777A1 (en) 2017-11-16
AU2017262658B2 (en) 2020-05-21
US20170323120A1 (en) 2017-11-09
CN109313677B (zh) 2022-02-11

Similar Documents

Publication Publication Date Title
MX2018013818A (es) Metodo y aparato para comprobacion ejecutable dinamica.
CY1123678T1 (el) Χρηση αναστολεων μυοστατινης και θεραπειες συνδυασμου
CL2019002763A1 (es) Un artículo para uso con un aparato para calentar un agente generador de aerosol.
CO2019004599A2 (es) Servicio de seguridad del internet de las cosas
CL2019002007A1 (es) Identidad de enclave multiplataforma.
MX2017007644A (es) Entrega de notificacion adaptada al usuario.
MX2018001494A (es) Controlar una nube de dispositivos.
SG11201907939VA (en) Fragmentation processing method for use with multi-blockchains, device, server and storage medium
MX2017016676A (es) Composicion envasada.
AR099619A1 (es) Polímero viscosificante para el tratamiento de una formación subterránea
BR112017008666A2 (pt) anticorpos anti-fgfr2/3 e métodos de uso dos mesmos
MX2019008092A (es) Metodo para acceso aleatorio y dispositivo terminal.
MX2020006673A (es) Metodos de tratamiento del cancer mediante el uso de un inhibidor de ataxia-telangiectasia mutada y rad3 (atr).
MX2019000775A (es) Linea de montaje con inspeccion visual elctronica integrada.
CO2019014715A2 (es) Aparato de comunicación, método y programa informático
MX2017011160A (es) Sistema de informe de prueba de bateria y metodo.
CO2017009120A2 (es) Dispositivo y método para un estilo controlado por condiciones
DOP2017000236A (es) Neutralización del virus chikungunya mediada por anticuerpos
CL2016002075A1 (es) Determinacion de proximidad a un lugar
MX2015006501A (es) Actualizaciones en redes sociales generadas por el vehiculo.
UY37342A (es) Combinación de un inhibidor de bcl-2 y un inhibidor de mcl1, usos y composiciones farmacéuticas de éstos
MX2021010202A (es) Deteccion y localizacion de ruido.
CL2018001166A1 (es) Procedimiento de ignición de un detonador electrónico y detonador electrónico
MX2017007057A (es) Boquilla de cambio rápido, sistema de cambio de boquilla rápido asociado y sistema de aplicación asociado.
CO2018002409A2 (es) Solicitud de estados unidos no provisional para dispositivos, sistemas y métodos de autenticación fotoluminiscente