Programmable Hardware Security Counters

Programmable Hardware Security Counters

Embodiments include computing devices and methods implemented by computing devices for using programmable hardware security counters for detecting malicious behavior. Various embodiments may include tracking the value of hardware instruction pointers, such as pointers tracking the memory address of...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Samadani, Ramin, Islam, Nayeem, Galenson, Joel, Chen, Yin
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Embodiments include computing devices and methods implemented by computing devices for using programmable hardware security counters for detecting malicious behavior. Various embodiments may include tracking the value of hardware instruction pointers, such as pointers tracking the memory address of each executing instruction. The computing device may identify a start and end of contiguous instruction segments using the tracked instruction pointer. For example, the computing device may analyze changes in value of the instruction pointer to detect "jumps" or large changes in the memory address of executing instructions. Based, at least in part, on the identified instruction segments, the computing device may determine whether the instruction segments represent malicious behavior. If the instruction segments represent malicious behavior, the computing device may terminate the requesting software application.