SPIDER: Stealthy Binary Program Instrumentation and Debugging

Bookmark/Download	Download as PDF
Track Code	2014-XU-66688
Categories	Computer Technology
Keywords	Big Data Binary Computer Security Computer Technology Instrumentation Software
Public Abstract	The ability to trap the execution of a binary program at desired instructions is essential in many security scenarios. However, debuggers and instrumentation tools became inadequate because more of both malicious and legitimate programs are equipped with anti-debugging and anti-instrumentation. It is proposed to build systems that enable transparent trapping to solve the problem, but existing approaches are insufficient to support transparent, efficient, and flexible instruction-level trapping. Researchers at Purdue University have developed a stealthy program instrumentation framework called SPIDER. This framework will enable transparent, efficient, and flexible instruction-level trapping based on hardware virtualization. The invisible breakpoint used in SPIDER is a novel primitive that has the efficiency and flexibility of software breakpoint; it utilizes hardware virtualization to hide its side effects from the guest. Advantages: -Perfect stealthiness -Higher trapping efficiency -Greater flexibility Potential Applications: -Computer Security
People	Xu, Dongyan (Project leader) Deng, Zhui Zhang, Xiangyu
Intellectual Property	Application Date Jan 13, 2015 Type Utility Patent Country of Filing United States Patent Number 9,817,745 Issue Date Nov 14, 2017 Application Date Jan 13, 2014 Type Provisional-Patent Country of Filing United States Patent Number (None) Issue Date (None)
Contact OTC	Purdue Office of Technology Commercialization The Convergence Center 101 Foundry Drive, Suite 2500 West Lafayette, IN 47906 Phone: (765) 588-3475 Fax: (765) 463-3486 Email: otcip@prf.org