公开(公告)号：US20170083702A1

公开(公告)日：2017-03-23

申请号：US15057336

申请日：2016-03-01

Applicant: QUALCOMM Incorporated

Inventor： Sudha Anil Kumar GATHALA ,  Rajarshi Gupta ,  Nayeem Islam

IPC: G06F21/55

CPC classification number: G06F21/554 ,  G06F21/52 ,  G06F21/552 ,  G06F21/566

Abstract: Various embodiments include methods for detecting software attacks on a process executing on a computing device. Various embodiment methods may include monitoring structural attributes of a plurality of virtual memory regions utilized by the process, and comparing the monitored structural attributes to the expected structural attributes of the plurality of VMRs. Various embodiment methods may further include determining whether the monitored structural attributes represent anomalous behavior of the process based on the comparison between the monitored structural attributes and the expected structural attributes.

公开(公告)号：US20180314825A1

公开(公告)日：2018-11-01

申请号：US16025932

申请日：2018-07-02

Applicant: QUALCOMM Incorporated

Inventor： Sudha Anil Kumar GATHALA ,  Gheorghe Calin CASCAVAL ,  Rajarshi GUPTA

IPC: G06F21/55 ,  G06F21/52 ,  G06F3/06 ,  G06F12/1009 ,  G06F17/30

CPC classification number: G06F21/554 ,  G06F3/0623 ,  G06F3/0631 ,  G06F3/0653 ,  G06F3/0683 ,  G06F12/1009 ,  G06F17/30138 ,  G06F17/30233 ,  G06F21/52

Abstract: Embodiments include computing devices, apparatus, and methods implemented by the apparatus for time varying address space layout randomization. The apparatus may launch first plurality of versions of a system service and assign a random virtual address space layout to each of the first plurality of versions of the system service. The apparatus may receive a first request to execute the system service from a first application. The apparatus may randomly select a first version of the system service from the first plurality of versions of the system service, and execute the system service using data of the first version of the system service.

公开(公告)号：US20170286066A1

公开(公告)日：2017-10-05

申请号：US15085415

申请日：2016-03-30

Applicant: QUALCOMM Incorporated

Inventor： Sudha Anil Kumar GATHALA ,  Mihai CHRISTODORESCU ,  Mastooreh SALAJEGHEH

IPC: G06F9/44

CPC classification number: G06F8/30 ,  G06F8/54 ,  G06F9/44521 ,  G06F9/44557 ,  G06F11/3466 ,  G06F11/3624 ,  G06F11/3644

Abstract: Various embodiments include methods for dynamically modifying shared libraries on a client computing device. Various embodiment methods may include receiving a first set of code segments and a first set of code sites associated with a first application. Each code in the first set of code sites may include an address within a compiled shared library stored on the client computing device. The compiled shared library may include one or more dummy instructions inserted at each code site in the first set of code sites, and each code segment in the first set of code segments may be associated with a code site in the first set of code sites. The client computing device may insert each code segment in the first set of code segments at its associated code site in the compiled shared library.