| US 7,577,992 B2 | ||
| Software security based on control flow integrity | ||
| Martin Abadi, Palo Alto, Calif. (US); Mihai-Dan Budiu, Sunnyvale, Calif. (US); Ulfar Erlingsson, San Francisco, Calif. (US); and Jay A. Ligatti, Princeton, N.J. (US) | ||
| Assigned to Microsoft Corporation, Redmond, Wash. (US) | ||
| Filed on Jan. 14, 2005, as Appl. No. 11/36,121. | ||
| Prior Publication US 2006/0161978 A1, Jul. 20, 2006 | ||
| Int. Cl. G06F 21/22 (2006.01); G06F 9/44 (2006.01); G06F 11/30 (2006.01) | ||
| U.S. Cl. 726—22 [713/236] | 17 Claims |
| 1. A method, when execute by a computer, for thwarting attacks against security of a software system, comprising:
locating in the software a first computed control flow instruction comprising a first source associated with a first destination;
inserting a first identifying bit pattern at the first source;
inserting the first identifying bit pattern at the first destination;
comparing the first identifying bit pattern at the source with the first identifying bit pattern at the destination; and
adopting remedial measures when such enforcement encounters a violation of the control flow integrity, wherein the software
system comprises software associated with a computer memory, and wherein the control flow integrity is associated with a control
flow graph specification.
|