专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130104239A1 SYSTEM AND METHOD FOR OBFUSCATING DATA USING INSTRUCTIONS AS A SOURCE OF PSEUDORANDOM VALUES 有权
标题翻译：使用指令作为PSEUDORANDOM值的来源来对数据进行数据采集的系统和方法
公开(公告)号：US20130104239A1
公开(公告)日：2013-04-25
申请号：US13308515
申请日：2011-11-30
申请人： Jon McLachlan , Gideon M. Myles , Julien Lerouge
发明人： Jon McLachlan , Gideon M. Myles , Julien Lerouge
IPC分类号： G06F21/24 , G06F17/30
CPC分类号： G06F7/588 , G06F21/54 , G06F2221/2107
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys.
摘要翻译：本文公开了用于使用指令作为伪随机值的来源来模糊数据的系统，方法和非暂时的计算机可读存储介质。通过接收指令和数据并将指令和数据编译成具有文本部分和数据部分的可执行文件来执行混淆。文本部分可以包括指令，数据部分可以包括数据段。该系统通过生成相应数据段的地址的散列来迭代地模糊数据段，并且基于散列，识别包括至少一个指令的文本段中的相应地址。该系统从对应的地址中获取一个掩码密钥，并将该掩码密钥应用于相应的数据段，产生一个被掩蔽的数据段。在一个实施例中，执行混淆数据的完整性验证，而不会通过利用多个掩码密钥将数据暴露在未受保护状态。

2. 发明授权

US08887140B2 System and method for annotation-driven function inlining 有权
标题翻译：注释驱动函数内联的系统和方法
公开(公告)号：US08887140B2
公开(公告)日：2014-11-11
申请号：US12688807
申请日：2010-01-15
申请人： Julien Lerouge , Nicholas T. Sullivan , Gideon M. Myles , Jon McLachlan , Augustin J. Farrugia
发明人： Julien Lerouge , Nicholas T. Sullivan , Gideon M. Myles , Jon McLachlan , Augustin J. Farrugia
IPC分类号： G06F21/14 , G06F9/45 , G06F9/46 , G06F17/24
CPC分类号： G06F21/14 , G06F8/4443 , G06F9/463 , G06F17/241
摘要： Disclosed herein are systems, methods, and computer-readable storage media for obfuscating using inlined functions. A system configured to practice the method receives a program listing including annotated functions for obfuscation, identifies an annotated function called more than once in the program listing, and creates an inline control flow structure in the program listing for the identified annotated function, the control flow structure being computationally equivalent to inlining the identified annotated function into the program listing for each occurrence of the identified annotated function. The program listing can include tiers of annotated functions. The system can identify annotated functions called more than once based on an optionally generated callgraph. The system can create inline control flow structures in the program listing in order of annotation importance. The system can identify how many times each annotated function is called in the program listing.
摘要翻译：本文公开了用于使用内联函数进行混淆的系统，方法和计算机可读存储介质。配置为实施该方法的系统接收包括用于模糊化的注释功能的程序列表，在程序列表中标识多于一次的注释函数，并且在所述程序列表中为所识别的注释功能创建一个内联控制流结构，计算结构相当于将所识别的注释功能内联到所述识别的注释功能的每次出现的程序列表中。程序列表可以包括注释功能的层次。系统可以基于可选地生成的呼叫图来识别多次调用的注释功能。该系统可以在注释重要性的顺序创建程序列表中的内联控制流结构。系统可以识别每个注释功能在程序列表中调用的次数。

3. 发明授权

US08751823B2 System and method for branch function based obfuscation 有权
标题翻译：基于分支函数的混淆的系统和方法
公开(公告)号：US08751823B2
公开(公告)日：2014-06-10
申请号：US13195748
申请日：2011-08-01
申请人： Gideon M. Myles , Julien Lerouge , Jon McLachlan , Ganna Zaks , Augustin J. Farrugia
发明人： Gideon M. Myles , Julien Lerouge , Jon McLachlan , Ganna Zaks , Augustin J. Farrugia
IPC分类号： G06F21/22
CPC分类号： G06F21/14 , G06F2221/033
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating branches in computer code. A compiler or a post-compilation tool can obfuscate branches by receiving source code, and compiling the source code to yield computer-executable code. The compiler identifies branches in the computer-executable code, and determines a return address and a destination value for each branch. Then, based on the return address and the destination value for each branch, the compiler constructs a binary tree with nodes and leaf nodes, each node storing a balanced value, and each leaf node storing a destination value. The non-leaf nodes are arranged such that searching the binary tree by return address leads to a corresponding destination value. Then the compiler inserts the binary tree in the computer-executable code and replaces each branch with instructions in the computer-executable code for performing a branching operation based on the binary tree.
摘要翻译：本文公开了用于在计算机代码中模糊分支的系统，方法和非暂时的计算机可读存储介质。编译器或后编译工具可以通过接收源代码来模糊分支，并编译源代码以产生计算机可执行代码。编译器识别计算机可执行代码中的分支，并确定每个分支的返回地址和目标值。然后，基于每个分支的返回地址和目的地值，编译器构造具有节点和叶节点的二叉树，每个节点存储平衡值，并且每个叶节点存储目的地值。非叶节点被布置为使得通过返回地址搜索二叉树导致相应的目的地值。然后，编译器将二进制树插入计算机可执行代码，并用计算机可执行代码中的指令替换每个分支，以执行基于二叉树的分支操作。

4. 发明授权

US08656363B2 System and method for entropy pool verification 有权
标题翻译：熵池验证的系统和方法
公开(公告)号：US08656363B2
公开(公告)日：2014-02-18
申请号：US12815298
申请日：2010-06-14
申请人： Jon McLachlan , Julien Lerouge , Nicholas T. Sullivan , Ganna Zaks , Augustin J. Farrugia
发明人： Jon McLachlan , Julien Lerouge , Nicholas T. Sullivan , Ganna Zaks , Augustin J. Farrugia
IPC分类号： G06F9/44 , G06F11/30 , G06F12/14
CPC分类号： G06F7/588 , G06F21/64 , G06F2221/2145 , H04L2209/16
摘要： Disclosed are systems, methods, and non-transitory computer-readable storage media for detecting changes in a source of entropy. A system configured to practice the method generates a cyclic graph based at least in part on the values in the entropy pool. Using the cyclic graph and one or more starting points, the system establishes one or more baseline properties for the cyclic graph. These properties can include the number of steps required to identify a cycle in the graph or the number of steps required to traverse the graph from one or more starting points to a selected end point. The computed properties are then stored for later use. As execution progresses, the system monitors the entropy pool to detect a change by regenerating the cyclic graph and using the stored properties.
摘要翻译：公开了用于检测熵源中的变化的系统，方法和非暂时的计算机可读存储介质。配置为实施该方法的系统至少部分地基于熵池中的值来生成循环图。使用循环图和一个或多个起始点，系统建立循环图的一个或多个基线属性。这些属性可以包括识别图形中的循环所需的步骤数量，或者从一个或多个起始点到所选终点遍历图形所需的步骤数。然后将计算的属性存储以供以后使用。随着执行的进行，系统通过重新生成循环图并使用存储的属性来监视熵池来检测变化。

5. 发明申请

US20120260106A1 SYSTEM AND METHOD FOR BINARY LAYOUT RANDOMIZATION 审中-公开
标题翻译：用于二进制布局约束的系统和方法
公开(公告)号：US20120260106A1
公开(公告)日：2012-10-11
申请号：US13081994
申请日：2011-04-07
申请人： Ganna Zaks , Julien Lerouge , Jon McLachlan , Gideon M. Myles , Augustin J. Farrugia
发明人： Ganna Zaks , Julien Lerouge , Jon McLachlan , Gideon M. Myles , Augustin J. Farrugia
IPC分类号： G06F12/14
CPC分类号： G06F21/14 , G06F12/1408
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for binary layout randomization. A system performs binary layout randomization by loading computer code into memory and identifying a section of the computer code to randomize. A loader remaps the section of computer code to a different location in memory utilizing a remapping algorithm. The loader can shuffle sections of code in place or move sections of code elsewhere. The loader patches relative addresses to point to the updated locations in memory. After the system patches the addresses, the system executes the computer code from memory. In one embodiment, the system encrypts the computer code prior to loading the computer code into memory. The loader decrypts the encrypted computer code prior to remapping the section of computer code to a different location in memory. Optionally, the loader can decrypt the encrypted computer code after patching relative addresses.
摘要翻译：本文公开了用于二进制布局随机化的系统，方法和非暂时计算机可读存储介质。系统通过将计算机代码加载到内存中并识别计算机代码的一部分来随机化来执行二进制布局随机化。使用重新映射算法，加载器将计算机代码的部分重新映射到存储器中的不同位置。加载器可以将代码段拖放到位或将代码段移到其他位置。加载程序将相对地址补丁指向内存中更新的位置。系统修补地址后，系统会从内存中执行计算机代码。在一个实施例中，系统在将计算机代码加载到存储器之前加密计算机代码。在重新映射计算机代码部分到存储器中的不同位置之前，加载器解密加密的计算机代码。可选地，加载器可以在修补相对地址之后对加密的计算机代码进行解密。

6. 发明授权

US09116765B2 System and method for obfuscating data using instructions as a source of pseudorandom values 有权
标题翻译：使用指令作为伪随机数值来源对数据进行模糊处理的系统和方法
公开(公告)号：US09116765B2
公开(公告)日：2015-08-25
申请号：US13308515
申请日：2011-11-30
申请人： Jon McLachlan , Gideon M. Myles , Julien Lerouge
发明人： Jon McLachlan , Gideon M. Myles , Julien Lerouge
IPC分类号： H04L29/00 , G06F7/58 , G06F21/54
CPC分类号： G06F7/588 , G06F21/54 , G06F2221/2107
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys.
摘要翻译：本文公开了用于使用指令作为伪随机值的来源来模糊数据的系统，方法和非暂时的计算机可读存储介质。通过接收指令和数据并将指令和数据编译成具有文本部分和数据部分的可执行文件来执行混淆。文本部分可以包括指令，数据部分可以包括数据段。该系统通过生成相应数据段的地址的散列来迭代地模糊数据段，并且基于散列，识别包括至少一个指令的文本段中的相应地址。该系统从对应的地址中获取一个掩码密钥，并将该掩码密钥应用于相应的数据段，产生一个被掩蔽的数据段。在一个实施例中，执行混淆数据的完整性验证，而不会通过利用多个掩码密钥将数据暴露在未受保护状态。

7. 发明授权

US08615735B2 System and method for blurring instructions and data via binary obfuscation 有权
标题翻译：通过二进制混淆模糊指令和数据的系统和方法
公开(公告)号：US08615735B2
公开(公告)日：2013-12-24
申请号：US13100041
申请日：2011-05-03
申请人： Jon McLachlan , Ganna Zaks , Julien Lerouge , Pierre Betouin , Augustin J. Farrugia , Gideon M. Myles , Cédric Tessier
发明人： Jon McLachlan , Ganna Zaks , Julien Lerouge , Pierre Betouin , Augustin J. Farrugia , Gideon M. Myles , Cédric Tessier
IPC分类号： G06F9/44
CPC分类号： G06F21/14 , G06F21/125
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating a computer program. A system configured to practice the method identifies a set of executable instructions at a first location in an instruction section of the computer program and identifies a second location in a data section of the computer program. Then the system moves the set of executable instructions to the second location and patches references in the computer program to the set of executable instructions to point to the second location. The instruction section of the computer program can be labeled as _TEXT,_text and the data section of the computer program is labeled as _DATA,_data. The set of executable instructions can include one or more non-branching instructions optionally followed by a branching instruction. The placement of the first and second locations can be based on features of a target computing architecture, such as cache size.
摘要翻译：本文公开了用于模糊计算机程序的系统，方法和非暂时的计算机可读存储介质。被配置为练习该方法的系统在计算机程序的指令部分中的第一位置识别一组可执行指令，并且识别计算机程序的数据部分中的第二位置。然后系统将可执行指令集移动到第二位置，并将计算机程序中的引用修补到指向第二位置的可执行指令集。计算机程序的指令部分可以标记为_TEXT，_text，计算机程序的数据部分标记为_DATA，_data。该可执行指令集可以包括一个或多个非分支指令，可选地跟随分支指令。第一和第二位置的放置可以基于诸如高速缓存大小的目标计算架构的特征。

8. 发明申请

US20130103942A1 SYSTEM AND METHOD FOR PSEUDO-RANDOM POLYMORPHIC TREE CONSTRUCTION 有权
标题翻译： PSOUDO随机多态树构造的系统与方法
公开(公告)号：US20130103942A1
公开(公告)日：2013-04-25
申请号：US13276612
申请日：2011-10-19
申请人： Nicholas T. Sullivan , Bertrand Mollinier Toublet , Gianpaolo Fasoli , Jon McLachlan
发明人： Nicholas T. Sullivan , Bertrand Mollinier Toublet , Gianpaolo Fasoli , Jon McLachlan
IPC分类号： H04L9/32 , G06F15/16
CPC分类号： H04L9/0662 , H04L9/083 , H04L2209/16
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data via a pseudo-random polymorphic tree. A server, using a seed value shared with a client device, generates a tag stream according to a byte-string algorithm. The server passes the tag stream and the data to be transmitted to the client device through a pseudo-random polymorphic tree serializer to generate a pseudo-random polymorphic tree, which the server transmits to the client device. The client device, using the same seed and byte-string algorithm, generates the same tag stream as on the server. The client passes that tag stream and the received pseudo-random polymorphic tree through a pseudo-random polymorphic tree parser to extract the data. Data to be transmitted from the server to the client device is hidden in a block of seemingly random data, which changes for different seed values. This approach obfuscates data and has low processing overhead.
摘要翻译：本文公开了用于通过伪随机多态树来模糊数据的系统，方法和非暂时的计算机可读存储介质。使用与客户端设备共享的种子值的服务器根据字节串算法生成标签流。服务器通过伪随机多态树序列化器将标签流和要发送到客户端设备的数据传递给服务器发送给客户端设备的伪随机多态树。使用相同种子和字节串算法的客户端设备生成与服务器上相同的标签流。客户端通过伪随机多态树解析器传递该标签流和接收的伪随机多态树，以提取数据。要从服务器发送到客户端设备的数据被隐藏在看似随机数据的块中，其对于不同的种子值而变化。这种方法模糊数据并具有较低的处理开销。

9. 发明申请

US20130036473A1 SYSTEM AND METHOD FOR BRANCH FUNCTION BASED OBFUSCATION 有权
标题翻译：基于分支函数的OBFUSC的系统和方法
公开(公告)号：US20130036473A1
公开(公告)日：2013-02-07
申请号：US13195748
申请日：2011-08-01
申请人： Gideon M. Myles , Julien Lerouge , Jon McLachlan , Ganna Zaks , Augustin J. Farrugia
发明人： Gideon M. Myles , Julien Lerouge , Jon McLachlan , Ganna Zaks , Augustin J. Farrugia
IPC分类号： G06F21/00 , G06F9/38 , G06F9/45
CPC分类号： G06F21/14 , G06F2221/033
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating branches in computer code. A compiler or a post-compilation tool can obfuscate branches by receiving source code, and compiling the source code to yield computer-executable code. The compiler identifies branches in the computer-executable code, and determines a return address and a destination value for each branch. Then, based on the return address and the destination value for each branch, the compiler constructs a binary tree with nodes and leaf nodes, each node storing a balanced value, and each leaf node storing a destination value. The non-leaf nodes are arranged such that searching the binary tree by return address leads to a corresponding destination value. Then the compiler inserts the binary tree in the computer-executable code and replaces each branch with instructions in the computer-executable code for performing a branching operation based on the binary tree.
摘要翻译：本文公开了用于在计算机代码中模糊分支的系统，方法和非暂时的计算机可读存储介质。编译器或后编译工具可以通过接收源代码来模糊分支，并编译源代码以产生计算机可执行代码。编译器识别计算机可执行代码中的分支，并确定每个分支的返回地址和目标值。然后，基于每个分支的返回地址和目的地值，编译器构造具有节点和叶节点的二叉树，每个节点存储平衡值，并且每个叶节点存储目的地值。非叶节点被布置为使得通过返回地址搜索二叉树导致相应的目的地值。然后，编译器将二进制树插入计算机可执行代码，并用计算机可执行代码中的指令替换每个分支，以执行基于二叉树的分支操作。

10. 发明申请

US20120179898A1 SYSTEM AND METHOD FOR ENFORCING SOFTWARE SECURITY THROUGH CPU STATISTICS GATHERED USING HARDWARE FEATURES 审中-公开
标题翻译：通过使用硬件特性获得CPU统计信息执行软件安全的系统和方法
公开(公告)号：US20120179898A1
公开(公告)日：2012-07-12
申请号：US12987743
申请日：2011-01-10
申请人： Pierre Betouin , Jon McLachlan , Gianpaolo Fasoli , Julien Lerouge , Ganna Zaks , Augustin J. Farrugia
发明人： Pierre Betouin , Jon McLachlan , Gianpaolo Fasoli , Julien Lerouge , Ganna Zaks , Augustin J. Farrugia
IPC分类号： G06F9/30
CPC分类号： G06F9/3005 , G06F9/30076 , G06F9/3851 , G06F11/3476 , G06F21/71 , G06F2201/865 , G06F2201/88 , G06F2221/2101
摘要： This disclosure is directed to measuring hardware-based statistics, such as the number of instructions executed in a specific section of a program during execution, for enforcing software security. The counting can be accomplished through a specific set of instructions, which can either be implemented in hardware or included in the instruction set of a virtual machine. For example, the set of instructions can include atomic instructions of reset, start, stop, get instruction count, and get CPU cycle count. To obtain information on a specific section of code, a software developer can insert start and stop instructions around the desired code section. For each instruction in the identified code block, when the instruction is executed, a counter is incremented. The counter can be stored in a dedicated register. The gathered statistics can be used for a variety of purposes, such as detecting unauthorized code modifications or measuring code performance.
摘要翻译：本公开涉及测量基于硬件的统计，诸如在执行期间在程序的特定部分中执行的指令的数量，用于执行软件安全性。计数可以通过一组特定的指令来实现，这些指令可以在硬件中实现，也可以包含在虚拟机的指令集中。例如，该指令集可以包括复位，开始，停止，获取指令计数以及获取CPU周期计数的原子指令。要获取有关特定部分代码的信息，软件开发人员可以在所需代码段周围插入启动和停止指令。对于识别的代码块中的每个指令，执行指令时，计数器递增。计数器可以存储在专用寄存器中。收集的统计信息可以用于各种目的，例如检测未经授权的代码修改或测量代码性能。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式