SPIDER: Stealthy Binary Program Instrumentation and Debugging

Back to all technologies
Download as PDF
The ability to trap the execution of a binary program at desired instructions is essential in many security scenarios. However, debuggers and instrumentation tools became inadequate because more of both malicious and legitimate programs are equipped with anti-debugging and anti-instrumentation. It is proposed to build systems that enable transparent trapping to solve the problem, but existing approaches are insufficient to support transparent, efficient, and flexible instruction-level trapping.

Researchers at Purdue University have developed a stealthy program instrumentation framework called SPIDER. This framework will enable transparent, efficient, and flexible instruction-level trapping based on hardware virtualization. The invisible breakpoint used in SPIDER is a novel primitive that has the efficiency and flexibility of software breakpoint; it utilizes hardware virtualization to hide its side effects from the guest.

-Perfect stealthiness
-Higher trapping efficiency
-Greater flexibility

Potential Applications:
-Computer Security
Jan 13, 2015
Utility Patent
United States
Nov 14, 2017

Jan 13, 2014
United States
Purdue Office of Technology Commercialization
The Convergence Center
101 Foundry Drive, Suite 2500
West Lafayette, IN 47906

Phone: (765) 588-3475
Fax: (765) 463-3486
Email: otcip@prf.org