Deterministic Detection for Hijacked Program Execution
Department of Defense
Agency Tracking Number:
Solicitation Topic Code:
Small Business Information
531 Esty Street, Ithaca, NY, -
Socially and Economically Disadvantaged:
Abstract
Modern computer systems are employed in numerous environments and are capable of performing a wide range of tasks. To support such capabilities economically, software developers have introduced a wide variety of functionality in modular chunks that can be rapidly reconfigured to create new applications. This leads to large, complex systems that, while providing the desired capabilities, may also include non-obvious and undesirable behavior. Such behavior can often be used to compromise the security of a computer system, leaving the system vulnerable to attacks that may disrupt the system's operation or exfiltrate sensitive information. We propose the creation of a whole-system detection platform capable of supporting a suite of detection strategies for countering exploits that hijack the execution of a running operating system or one of its hosted applications. A critical initial component of this detection platform will be a control-flow integrity (CFI) checker. Integrity of execution control flow indicates that the execution of instructions in a software component follows a path that was intended by the developer of the software, a property violated by many attack vectors. The proposed technology would detect such attacks by recognizing when such a violation occurs.
* information listed above is at the time of submission.