SPIDER: Stealthy Binary Program Instrumentation and Debugging

2014-XU-66688
The ability to trap the execution of a binary program at desired instructions is essential in many security scenarios. However, debuggers and instrumentation tools have become inadequate because a growing number of both malicious and legitimate programs are equipped with anti-debugging and anti-instrumentation techniques. Systems that enable transparent trapping have been proposed to solve this problem, but existing approaches are insufficient to support transparent, efficient, and flexible instruction-level trapping.

Researchers at Purdue University have developed a stealthy program instrumentation framework called SPIDER. This framework will enable transparent, efficient, and flexible instruction-level trapping based on hardware virtualization. The invisible breakpoint used in SPIDER is a novel primitive that has the efficiency and flexibility of a software breakpoint and uses hardware virtualization to hide its side effects from the guest.

Advantages:
-Perfect stealthiness
-Higher trapping efficiency
-Greater flexibility

Potential Applications:
-Computer Security

Jan 13, 2015 | Utility Patent | United States | 9,817,745 | Nov 14, 2017
Jan 13, 2014 | Provisional-Patent | United States | (None) | (None)

Purdue Office of Technology Commercialization
1801 Newman Road
West Lafayette, IN 47906

Phone: (765) 588-3475
Fax: (765) 463-3486
Email: otcip@prf.org