MITIGATING ATTACKS ON KERNEL ADDRESS SPACE LAYOUT RANDOMIZATION
Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecti...
Saved in:
| Main Authors | , , , , , , , , |
|---|---|
| Format | Patent |
| Language | English |
| Published |
03.01.2019
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack. |
|---|---|
| AbstractList | Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack. |
| Author | Chaikin, Baruch Shen-orr, Chaim Shlomovich, Yonatan Benedek, Gyora Elbaum, Reuven Bear, Uri Kloper, Dimitry Peer, Elad Doweck, Jacob Jack |
| Author_xml | – fullname: Benedek, Gyora – fullname: Elbaum, Reuven – fullname: Peer, Elad – fullname: Chaikin, Baruch – fullname: Shen-orr, Chaim – fullname: Shlomovich, Yonatan – fullname: Kloper, Dimitry – fullname: Bear, Uri – fullname: Doweck, Jacob Jack |
| BookMark | eNrjYmDJy89L5WSw9_UM8XR3DPH0c1dwDAlxdPYOVvD3U_B2DfJz9VFwdHEJcg0OVggOcHR2VfBxjPQPDVEIcvRz8ff1jAJq8vfjYWBNS8wpTuWF0twMym6uIc4euqkF-fGpxQWJyal5qSXxocFGBoaWBgYmluZGjobGxKkCAFTVLUE |
| ContentType | Patent |
| DBID | EVB |
| DatabaseName | esp@cenet |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Medicine Chemistry Sciences Physics |
| ExternalDocumentID | US2019004972A1 |
| GroupedDBID | EVB |
| ID | FETCH-epo_espacenet_US2019004972A13 |
| IEDL.DBID | EVB |
| IngestDate | Fri Jul 19 16:17:09 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-epo_espacenet_US2019004972A13 |
| Notes | Application Number: US201715637524 |
| OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20190103&DB=EPODOC&CC=US&NR=2019004972A1 |
| ParticipantIDs | epo_espacenet_US2019004972A1 |
| PublicationCentury | 2000 |
| PublicationDate | 20190103 |
| PublicationDateYYYYMMDD | 2019-01-03 |
| PublicationDate_xml | – month: 01 year: 2019 text: 20190103 day: 03 |
| PublicationDecade | 2010 |
| PublicationYear | 2019 |
| RelatedCompanies | Intel Corporation |
| RelatedCompanies_xml | – name: Intel Corporation |
| Score | 3.1812713 |
| Snippet | Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized... |
| SourceID | epo |
| SourceType | Open Access Repository |
| SubjectTerms | CALCULATING COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| Title | MITIGATING ATTACKS ON KERNEL ADDRESS SPACE LAYOUT RANDOMIZATION |
| URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20190103&DB=EPODOC&locale=&CC=US&NR=2019004972A1 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3da8IwED_Efb5t3cY-3Ahs9K2s2PqxB5GYVO3UVmw73F6krQ0MRpXZsX9_l0w3n3zMBY7k4D7zuwvAQ7NqSTeVGKaozg27JlIjlgCbuR1bWSYSU6iC28ir9yP7eVqbluBj0wuj5oR-q-GIqFEp6nuh7PXyv4jFFbZy9Zi8I2nR7oYtrq-zY-ndTEvnnZYz9rnPdMZaUaB7k989jIYbVYq50h4G0g2pD85LR_alLLedSvcE9sfILy9OoZTlGhyxzd9rGhyO1k_eGhwojGa6QuJaD1dn0EaL4_Zo6Ho9QsOQskFAfI8MnInnDAnlXMqVBGPKHDKkr34Ukgn1uD9y31RN6hzuu07I-gaeafYnglkUbF_AuoByvsizS4lMEkJgDCGEVbfNuPaUNpM4yeQgqybS0iuo7OJ0vXv7Bo7lUpUcrAqUi8-v7BadcJHcKdn9ABFehM4 |
| link.rule.ids | 230,309,783,888,25576,76876 |
| linkProvider | European Patent Office |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dT8IwEL8Q_MA3RY0fqE00e1tc2PjwgZDSDphsHWGbQV_INtbExAwiM_77thWUJ17vkkt7yd3v7np3BXho100JU4lu8Ppctxo81WPZYDO3YjPLeGJwVXDzWHMYWc_TxrQEH5tZGLUn9FstRxQWlQp7L5S_Xv4XsajqrVw9Ju-CtOj2ww7V1tmxRDfD1GivY4996hONkE4UaGzyyxPRcKuORa60J4LslrQH-6Un51KW26DSP4b9sZCXFydQyvIqVMjm77UqHHrrJ-8qHKgezXQliGs7XJ1CV3gcZ4BDhw0QDkNMRgHyGRrZE2a7CFMq9YqCMSY2cvGrH4Voghn1PedN1aTO4L5vh2SoizPN_lQwi4LtC5jnUM4XeXYhO5M45yKG4NxsWkbceErbSZxkcpFVW9DSS6jtknS1m30HlWHouTPXYaNrOJIsVX4wa1AuPr-yGwHIRXKr9PgDeAqHwQ |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=MITIGATING+ATTACKS+ON+KERNEL+ADDRESS+SPACE+LAYOUT+RANDOMIZATION&rft.inventor=Benedek%2C+Gyora&rft.inventor=Elbaum%2C+Reuven&rft.inventor=Peer%2C+Elad&rft.inventor=Chaikin%2C+Baruch&rft.inventor=Shen-orr%2C+Chaim&rft.inventor=Shlomovich%2C+Yonatan&rft.inventor=Kloper%2C+Dimitry&rft.inventor=Bear%2C+Uri&rft.inventor=Doweck%2C+Jacob+Jack&rft.date=2019-01-03&rft.externalDBID=A1&rft.externalDocID=US2019004972A1 |