2014-XU-66688 | |
The ability to trap the execution of a binary program at desired instructions is essential in many security scenarios. However, debuggers and instrumentation tools became inadequate because more of both malicious and legitimate programs are equipped with anti-debugging and anti-instrumentation. It is proposed to build systems that enable transparent trapping to solve the problem, but existing approaches are insufficient to support transparent, efficient, and flexible instruction-level trapping. Researchers at Purdue University have developed a stealthy program instrumentation framework called SPIDER. This framework will enable transparent, efficient, and flexible instruction-level trapping based on hardware virtualization. The invisible breakpoint used in SPIDER is a novel primitive that has the efficiency and flexibility of software breakpoint; it utilizes hardware virtualization to hide its side effects from the guest. Advantages: -Perfect stealthiness -Higher trapping efficiency -Greater flexibility Potential Applications: -Computer Security |
|
|
|
Jan 13, 2015
Utility Patent
United States
9,817,745
Nov 14, 2017
Jan 13, 2014
Provisional-Patent
United States
(None)
(None)
|
|
Purdue Office of Technology Commercialization The Convergence Center 101 Foundry Drive, Suite 2500 West Lafayette, IN 47906 Phone: (765) 588-3475 Fax: (765) 463-3486 Email: otcip@prf.org |