WO2001086372A3 - Information security method and system - Google Patents

Information security method and system Download PDF

Info

Publication number
WO2001086372A3
WO2001086372A3 PCT/IB2001/001197 IB0101197W WO0186372A3 WO 2001086372 A3 WO2001086372 A3 WO 2001086372A3 IB 0101197 W IB0101197 W IB 0101197W WO 0186372 A3 WO0186372 A3 WO 0186372A3
Authority
WO
WIPO (PCT)
Prior art keywords
application
security features
polymorphed
instance
polymorphic engine
Prior art date
Application number
PCT/IB2001/001197
Other languages
French (fr)
Other versions
WO2001086372A9 (en
WO2001086372A2 (en
Inventor
David Tucker
Matt A Crump
Jerome Witmann
Original Assignee
Xtreamlok Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xtreamlok Pty Ltd filed Critical Xtreamlok Pty Ltd
Priority to AU2001269354A priority Critical patent/AU2001269354A1/en
Priority to CA2447451A priority patent/CA2447451C/en
Publication of WO2001086372A2 publication Critical patent/WO2001086372A2/en
Publication of WO2001086372A3 publication Critical patent/WO2001086372A3/en
Publication of WO2001086372A9 publication Critical patent/WO2001086372A9/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6281Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/031Protect user input by software means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/032Protect output to user by software means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Abstract

The present invention discloses an improved information security system and method. A polymorphic engine is used to enhance the security features of a software application and the data generated by or made available to the application and/or the operating system. The polymorphic engine operates to randomly alter the standard executable code of the original application while preserving its functional characteristics. Each polymorphed instance of the application differs from any other instance of the same application in form only. Various other security features operate to protect the polymorphic engine itself and/or the polymorphed code generated therefrom. These other security features include: just-in-time instruction code decryption; virtual CPU instruction code pre-processing; call mutation; stack manipulation; secure hook-capture of device input; secure display device output; application level encryption of encrypted hardware data streams; and a dynamic, randomly configured graphical keypad interface.
PCT/IB2001/001197 2000-05-12 2001-05-14 Information security method and system WO2001086372A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2001269354A AU2001269354A1 (en) 2000-05-12 2001-05-14 Information security method and system
CA2447451A CA2447451C (en) 2000-05-12 2001-05-14 Information security method and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US20387700P 2000-05-12 2000-05-12
US60/203,877 2000-05-12

Publications (3)

Publication Number Publication Date
WO2001086372A2 WO2001086372A2 (en) 2001-11-15
WO2001086372A3 true WO2001086372A3 (en) 2002-04-11
WO2001086372A9 WO2001086372A9 (en) 2002-08-15

Family

ID=22755673

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2001/001197 WO2001086372A2 (en) 2000-05-12 2001-05-14 Information security method and system

Country Status (4)

Country Link
US (4) US7171693B2 (en)
AU (1) AU2001269354A1 (en)
CA (1) CA2447451C (en)
WO (1) WO2001086372A2 (en)

Families Citing this family (129)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2305078A1 (en) * 2000-04-12 2001-10-12 Cloakware Corporation Tamper resistant software - mass data encoding
US7237123B2 (en) * 2000-09-22 2007-06-26 Ecd Systems, Inc. Systems and methods for preventing unauthorized use of digital content
CA2327911A1 (en) * 2000-12-08 2002-06-08 Cloakware Corporation Obscuring functions in computer software
US7260845B2 (en) * 2001-01-09 2007-08-21 Gabriel Kedma Sensor for detecting and eliminating inter-process memory breaches in multitasking operating systems
GB0103119D0 (en) * 2001-02-08 2001-03-28 Comodo Technology Dev Ltd Improvements in and relating to software modification
JP2002271561A (en) * 2001-03-13 2002-09-20 Minolta Co Ltd Data transmitter, data receiver, data transmitting/ receiving system, data transmitting method, data receiving method, data transmitting/receiving method, program and recording medium
IL157854A0 (en) * 2001-03-28 2004-03-28 Digital rights management system and method
WO2002091146A2 (en) * 2001-05-09 2002-11-14 Ecd Systems, Inc. Systems and methods for the prevention of unauthorized use and manipulation of digital content
US7007025B1 (en) * 2001-06-08 2006-02-28 Xsides Corporation Method and system for maintaining secure data input and output
US7313824B1 (en) * 2001-07-13 2007-12-25 Liquid Machines, Inc. Method for protecting digital content from unauthorized use by automatically and dynamically integrating a content-protection agent
US7111285B2 (en) * 2001-07-17 2006-09-19 Liquid Machines, Inc. Method and system for protecting software applications against static and dynamic software piracy techniques
JP4787434B2 (en) * 2001-08-24 2011-10-05 富士通コンポーネント株式会社 ENCRYPTION METHOD, COMMUNICATION SYSTEM, DATA INPUT DEVICE
US20030120938A1 (en) * 2001-11-27 2003-06-26 Miki Mullor Method of securing software against reverse engineering
US20090254994A1 (en) 2002-02-18 2009-10-08 David Lynch Waterson Security methods and systems
US20030159054A1 (en) * 2002-02-19 2003-08-21 Minebea Co. Reconfigurable secure input device
US20030159053A1 (en) * 2002-02-19 2003-08-21 Charles Fauble Secure reconfigurable input device with transaction card reader
WO2004013744A2 (en) * 2002-08-01 2004-02-12 Matsushita Electric Industrial Co., Ltd. Apparatuses and methods for decrypting encrypted blocks of data and locating the decrypted blocks of data in memory space used for execution
US7676748B1 (en) * 2002-11-04 2010-03-09 Sun Microsystems, Inc. System graphics for security shield
US8832178B2 (en) 2002-11-06 2014-09-09 Noel William Lovisa Service implementation
EP2385463B1 (en) * 2002-11-06 2020-04-29 Code Valley Corp Pty Ltd Code generation using components
US9521209B2 (en) 2002-11-06 2016-12-13 Code Valley Corp Pty Ltd Code generation
US8510571B1 (en) * 2003-03-24 2013-08-13 Hoi Chang System and method for inserting security mechanisms into a software program
US20070186076A1 (en) * 2003-06-18 2007-08-09 Jones Anthony M Data pipeline transport system
EP1636725B1 (en) 2003-06-18 2018-05-16 Imagination Technologies Limited Circuit register and method therefor
US7503070B1 (en) 2003-09-19 2009-03-10 Marshall Van Alstyne Methods and systems for enabling analysis of communication content while preserving confidentiality
WO2005074397A2 (en) * 2004-02-05 2005-08-18 Kings Information & Network Computer security apparatus and method using security input device driver
US7500108B2 (en) 2004-03-01 2009-03-03 Microsoft Corporation Metered execution of code
US7383583B2 (en) * 2004-03-05 2008-06-03 Microsoft Corporation Static and run-time anti-disassembly and anti-debugging
DE102004011488B4 (en) * 2004-03-09 2007-07-05 Giesecke & Devrient Gmbh Protection of software against attacks
US8694802B2 (en) * 2004-04-30 2014-04-08 Apple Inc. System and method for creating tamper-resistant code
US7296233B2 (en) * 2004-05-10 2007-11-13 Microsoft Corporation Spy-resistant keyboard
JP2007538321A (en) * 2004-05-20 2007-12-27 コード バリー ピーティーワイ リィミティッド Code generation method
US7788498B2 (en) * 2005-07-22 2010-08-31 Microsoft Corporation Triple-tap password entry
US9282081B2 (en) 2005-07-28 2016-03-08 Vaporstream Incorporated Reduced traceability electronic message system and method
US7610345B2 (en) 2005-07-28 2009-10-27 Vaporstream Incorporated Reduced traceability electronic message system and method
DE102005045852A1 (en) * 2005-09-26 2007-04-05 Siemens Ag Method and system for protecting source code
US20070073623A1 (en) * 2005-09-28 2007-03-29 Nicholas Phelps Method of manufacturing application software
DE102005048029B4 (en) * 2005-10-06 2009-03-12 Infineon Technologies Ag Compiler and method for compiling
US7725737B2 (en) * 2005-10-14 2010-05-25 Check Point Software Technologies, Inc. System and methodology providing secure workspace environment
US7685638B1 (en) * 2005-12-13 2010-03-23 Symantec Corporation Dynamic replacement of system call tables
JP4818279B2 (en) * 2005-12-22 2011-11-16 富士通株式会社 Program processing apparatus, program processing method, and program
US20070209014A1 (en) * 2006-01-11 2007-09-06 Youssef Youmtoub Method and apparatus for secure data input
KR100782847B1 (en) * 2006-02-15 2007-12-06 삼성전자주식회사 Method and apparatus for importing content which consists of a plural of contents parts
US8978154B2 (en) 2006-02-15 2015-03-10 Samsung Electronics Co., Ltd. Method and apparatus for importing content having plurality of parts
KR100753944B1 (en) * 2006-06-26 2007-08-31 삼성전자주식회사 Virtual wheel-like interface structure in mobile device having wheel input unit and method of entering letters using the same
WO2008035141A2 (en) * 2006-09-20 2008-03-27 Chan Kam-Fu From polymorphic executable to polymorphic operating system
US20080077704A1 (en) * 2006-09-24 2008-03-27 Void Communications, Inc. Variable Electronic Communication Ping Time System and Method
US7761468B2 (en) * 2006-10-04 2010-07-20 International Business Machines Corporation Supporting multiple security mechanisms in a database driver
US8689193B2 (en) * 2006-11-01 2014-04-01 At&T Intellectual Property Ii, L.P. Method and apparatus for protecting a software application against a virus
US8113951B2 (en) 2006-11-15 2012-02-14 Microsoft Corporation Achievement incentives within a console-based gaming environment
WO2008088073A1 (en) * 2007-01-18 2008-07-24 Panasonic Corporation Obfuscation assisting apparatus
WO2008101165A2 (en) * 2007-02-15 2008-08-21 Void Communications, Inc. Electronic messaging recordlessness warning and routing system and method
KR100847248B1 (en) * 2007-02-27 2008-07-21 주식회사 하우리 Method of preventing input keystroke data from hacking
US20080301631A1 (en) * 2007-03-01 2008-12-04 The Boeing Company Human transparency paradigm
MX2010001549A (en) * 2007-08-06 2010-09-07 Bernard De Monseignat System and method for authentication, data transfer, and protection against phishing.
US8819815B1 (en) * 2007-10-16 2014-08-26 Jpmorgan Chase Bank, N.A. Method and system for distributing and tracking information
US8245289B2 (en) 2007-11-09 2012-08-14 International Business Machines Corporation Methods and systems for preventing security breaches
JP4492719B2 (en) * 2008-03-10 2010-06-30 ソニー株式会社 Data communication apparatus, data communication method, data request apparatus, data request method, and data communication system
CN101316424A (en) * 2008-07-08 2008-12-03 阿里巴巴集团控股有限公司 Information transmission method, system and device
CN101661546B (en) * 2008-08-28 2012-12-19 深圳富泰宏精密工业有限公司 System and method for file encryption therein in hand-held mobile electronic device
US8713312B2 (en) * 2008-12-07 2014-04-29 Trend Micrio Incorporated Method and system for detecting data modification within computing device
FR2942559B1 (en) * 2009-02-24 2016-05-20 European Aeronautic Defence And Space Company - Eads France METHOD FOR PROTECTING THE SOURCE CODE OF A COMPUTER PROGRAM.
DE102009019981A1 (en) * 2009-05-05 2010-11-11 Giesecke & Devrient Gmbh Method for protecting software and portable data carriers stored on a portable data carrier
US8589698B2 (en) * 2009-05-15 2013-11-19 International Business Machines Corporation Integrity service using regenerated trust integrity gather program
JP5684128B2 (en) * 2009-08-19 2015-03-11 レノボ・イノベーションズ・リミテッド(香港) Information processing device
US9535994B1 (en) * 2010-03-26 2017-01-03 Jonathan Grier Method and system for forensic investigation of data access
US9135434B2 (en) * 2010-04-19 2015-09-15 Appcentral, Inc. System and method for third party creation of applications for mobile appliances
CN101853357A (en) * 2010-04-28 2010-10-06 北京飞天诚信科技有限公司 Software protection method
WO2012000092A1 (en) * 2010-06-28 2012-01-05 Lionstone Capital Corporation Seamless end-to-end data obfuscation and encryption
US8984034B2 (en) * 2010-09-28 2015-03-17 Schneider Electric USA, Inc. Calculation engine and calculation providers
US20120159193A1 (en) * 2010-12-18 2012-06-21 Microsoft Corporation Security through opcode randomization
US20120222051A1 (en) * 2011-02-25 2012-08-30 Microsoft Corporation Shared resource access verification
KR101269089B1 (en) 2011-08-19 2013-05-29 고려대학교 산학협력단 Software modulation prevention method using own encryption
US9183113B2 (en) 2011-09-29 2015-11-10 Oracle International Corporation Debugging analysis in running multi-user systems
US9027075B2 (en) * 2011-09-29 2015-05-05 Oracle International Corporation Enforcing security rules at runtime
US9128732B2 (en) 2012-02-03 2015-09-08 Apple Inc. Selective randomization for non-deterministically compiled code
GB201212878D0 (en) * 2012-07-20 2012-09-05 Pike Justin Authentication method and system
US20150294114A1 (en) * 2012-09-28 2015-10-15 Hewlett-Packard Development Company, L.P. Application randomization
US9122794B2 (en) 2012-10-30 2015-09-01 Oracle International Corporation System and method for debugging domain specific languages
US9225737B2 (en) 2013-03-15 2015-12-29 Shape Security, Inc. Detecting the introduction of alien content
US20140283038A1 (en) 2013-03-15 2014-09-18 Shape Security Inc. Safe Intelligent Content Modification
US9218467B2 (en) * 2013-05-29 2015-12-22 Raytheon Cyber Products, Llc Intra stack frame randomization for protecting applications against code injection attack
US9218483B2 (en) 2013-07-10 2015-12-22 Raytheon Cyber Products, Llc Synthetic processing diversity with multiple architectures within a homogeneous processing environment
US9256431B2 (en) 2013-07-10 2016-02-09 Raytheon Cyber Products, Llc Synthetic processing diversity within a homogeneous processing environment
FR3011354A1 (en) * 2013-10-01 2015-04-03 Commissariat Energie Atomique METHOD FOR EXECUTING A MICROPROCESSOR OF A POLYMORPHIC BINARY CODE OF A PREDETERMINED FUNCTION
US9270647B2 (en) 2013-12-06 2016-02-23 Shape Security, Inc. Client/server security by an intermediary rendering modified in-memory objects
US8954583B1 (en) 2014-01-20 2015-02-10 Shape Security, Inc. Intercepting and supervising calls to transformed operations and objects
US9027142B1 (en) * 2014-01-21 2015-05-05 Shape Security, Inc. Dynamic field re-rendering
US9489526B1 (en) * 2014-01-21 2016-11-08 Shape Security, Inc. Pre-analyzing served content
US8893294B1 (en) 2014-01-21 2014-11-18 Shape Security, Inc. Flexible caching
TWI528216B (en) * 2014-04-30 2016-04-01 財團法人資訊工業策進會 Method, electronic device, and user interface for on-demand detecting malware
US9411597B2 (en) * 2014-05-06 2016-08-09 Nxp B.V. Return-oriented programming as an obfuscation technique
US9411958B2 (en) * 2014-05-23 2016-08-09 Shape Security, Inc. Polymorphic treatment of data entered at clients
US9858440B1 (en) 2014-05-23 2018-01-02 Shape Security, Inc. Encoding of sensitive data
KR101477050B1 (en) * 2014-05-28 2015-01-08 충남대학교산학협력단 Method for extracting excutable code of application using memory dump
US10089216B2 (en) 2014-06-30 2018-10-02 Shape Security, Inc. Automatically determining whether a page of a web site is broken despite elements on the page that may change
US9075990B1 (en) 2014-07-01 2015-07-07 Shape Security, Inc. Reliable selection of security countermeasures
US9003511B1 (en) 2014-07-22 2015-04-07 Shape Security, Inc. Polymorphic security policy action
US9602543B2 (en) 2014-09-09 2017-03-21 Shape Security, Inc. Client/server polymorphism using polymorphic hooks
US9438625B1 (en) 2014-09-09 2016-09-06 Shape Security, Inc. Mitigating scripted attacks using dynamic polymorphism
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
EP3123311B8 (en) 2014-11-17 2021-03-03 Morphisec Information Security 2014 Ltd Malicious code protection for computer systems based on process modification
DE102014019090A1 (en) * 2014-12-18 2016-06-23 Giesecke & Devrient Gmbh Method for providing a safety-critical software application on a computer unit
US9825995B1 (en) 2015-01-14 2017-11-21 Shape Security, Inc. Coordinated application of security policies
US10042589B2 (en) 2015-03-11 2018-08-07 Secure Cloud Systems, Inc. Encrypted data storage and retrieval system
GB201520741D0 (en) 2015-05-27 2016-01-06 Mypinpad Ltd And Licentia Group Ltd Authentication methods and systems
US10230718B2 (en) 2015-07-07 2019-03-12 Shape Security, Inc. Split serving of computer code
US9807113B2 (en) 2015-08-31 2017-10-31 Shape Security, Inc. Polymorphic obfuscation of executable code
US20170118241A1 (en) * 2015-10-26 2017-04-27 Shape Security, Inc. Multi-Layer Computer Security Countermeasures
US10375026B2 (en) 2015-10-28 2019-08-06 Shape Security, Inc. Web transaction status tracking
US9588758B1 (en) 2015-12-18 2017-03-07 International Business Machines Corporation Identifying user managed software modules
WO2017137804A1 (en) 2016-02-11 2017-08-17 Morphisec Information Security Ltd. Automated classification of exploits based on runtime environmental features
JPWO2017159258A1 (en) * 2016-03-15 2019-01-24 パナソニックIpマネジメント株式会社 Information processing apparatus and environment setting method
US10809985B2 (en) 2017-03-09 2020-10-20 Microsoft Technology Licensing, Llc Instrumenting program code
US10642714B2 (en) * 2017-03-09 2020-05-05 Microsoft Technology Licensing, Llc Mapping dynamic analysis data to source code
US10853041B2 (en) 2017-03-09 2020-12-01 Microsoft Technology Licensing, Llc Extensible instrumentation
US11329963B2 (en) 2018-02-22 2022-05-10 Eclypses, Inc. System and method for securely transferring data
US11012722B2 (en) 2018-02-22 2021-05-18 Secure Cloud Systems, Inc. System and method for securely transferring data
CN108777611B (en) * 2018-05-11 2021-06-18 吉林大学 Bidirectional linked list sequential encryption and decryption method based on double-key stream cipher
US10776460B2 (en) * 2018-10-15 2020-09-15 KameleonSec Ltd. Proactive security system based on code polymorphism
US11157645B2 (en) * 2018-11-01 2021-10-26 International Business Machines Corporation Data masking with isomorphic functions
EP3884412A1 (en) * 2018-11-19 2021-09-29 Secure Micro Ltd Computer implemented method
US11436327B1 (en) * 2019-12-24 2022-09-06 Fireeye Security Holdings Us Llc System and method for circumventing evasive code for cyberthreat detection
US11405203B2 (en) 2020-02-17 2022-08-02 Eclypses, Inc. System and method for securely transferring data using generated encryption keys
US11610000B2 (en) 2020-10-07 2023-03-21 Bank Of America Corporation System and method for identifying unpermitted data in source code
US20220197658A1 (en) * 2020-12-21 2022-06-23 Intel Corporation Isa opcode parameterization and opcode space layout randomization
US11522707B2 (en) 2021-03-05 2022-12-06 Eclypses, Inc. System and method for detecting compromised devices
US11720693B2 (en) 2021-03-05 2023-08-08 Eclypses, Inc. System and method for securely transferring data
CN113495755B (en) * 2021-06-29 2023-06-09 青岛海尔科技有限公司 Information multidimensional analysis method and device

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4806745A (en) * 1986-04-18 1989-02-21 Sharp Kabushiki Kaisha IC card with fewer input keys
US5276314A (en) * 1992-04-03 1994-01-04 International Business Machines Corporation Identity verification system resistant to compromise by observation of its use
FR2693809A1 (en) * 1992-07-15 1994-01-21 Lemasson Jean Claude Randomised coded electronic security access method - using pushbuttons associated with characters in random sequence controlled by microprocessor
US5428349A (en) * 1992-10-01 1995-06-27 Baker; Daniel G. Nondisclosing password entry system
US5596718A (en) * 1992-07-10 1997-01-21 Secure Computing Corporation Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
US5748888A (en) * 1996-05-29 1998-05-05 Compaq Computer Corporation Method and apparatus for providing secure and private keyboard communications in computer systems
WO1999001815A1 (en) * 1997-06-09 1999-01-14 Intertrust, Incorporated Obfuscation techniques for enhancing software security
US5867647A (en) * 1996-02-09 1999-02-02 Secure Computing Corporation System and method for securing compiled program code
US5892899A (en) * 1996-06-13 1999-04-06 Intel Corporation Tamper resistant methods and apparatus
US5903761A (en) * 1997-10-31 1999-05-11 Preemptive Solutions, Inc. Method of reducing the number of instructions in a program code sequence
WO1999030229A1 (en) * 1997-12-11 1999-06-17 Digits Corp. Object code analysis and remediation system and method
US5949348A (en) * 1992-08-17 1999-09-07 Ncr Corporation Method and apparatus for variable keyboard display
US5949882A (en) * 1996-12-13 1999-09-07 Compaq Computer Corporation Method and apparatus for allowing access to secured computer resources by utilzing a password and an external encryption algorithm
US5966536A (en) * 1997-05-28 1999-10-12 Sun Microsystems, Inc. Method and apparatus for generating an optimized target executable computer program using an optimized source executable
US6006328A (en) * 1995-07-14 1999-12-21 Christopher N. Drake Computer software authentication, protection, and security system
US6009543A (en) * 1996-03-01 1999-12-28 Massachusetts Institute Of Technology Secure software system and related techniques
US6052780A (en) * 1996-09-12 2000-04-18 Open Security Solutions, Llc Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information

Family Cites Families (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4079188A (en) * 1975-04-14 1978-03-14 Datotek, Inc. Multi-mode digital enciphering system
CH592937A5 (en) * 1975-11-11 1977-11-15 Europ Handelsges Anst
US4168396A (en) * 1977-10-31 1979-09-18 Best Robert M Microprocessor for executing enciphered programs
DE2962468D1 (en) * 1978-10-27 1982-05-19 Gretag Ag Enciphering and deciphering apparatus
US4558176A (en) * 1982-09-20 1985-12-10 Arnold Mark G Computer systems to inhibit unauthorized copying, unauthorized usage, and automated cracking of protected software
US5248349A (en) * 1992-05-12 1993-09-28 Solar Cells, Inc. Process for making photovoltaic devices and resultant product
US5696822A (en) * 1995-09-28 1997-12-09 Symantec Corporation Polymorphic virus detection module
US5966450A (en) * 1996-08-13 1999-10-12 Lucent Technologies Variable mask for encryption generated independently at communications stations
US5825878A (en) 1996-09-20 1998-10-20 Vlsi Technology, Inc. Secure memory management unit for microprocessor
US6141698A (en) * 1997-01-29 2000-10-31 Network Commerce Inc. Method and system for injecting new code into existing application code
US6236728B1 (en) * 1997-06-19 2001-05-22 Brian E. Marchant Security apparatus for data transmission with dynamic random encryption
US5991402A (en) * 1997-09-23 1999-11-23 Aegisoft Corporation Method and system of dynamic transformation of encrypted material
US5825787A (en) * 1997-11-25 1998-10-20 Xilinx, Inc. System and method for accessing a test vector memory
US6480959B1 (en) * 1997-12-05 2002-11-12 Jamama, Llc Software system and associated methods for controlling the use of computer programs
US6134661A (en) * 1998-02-11 2000-10-17 Topp; William C. Computer network security device and method
US6615350B1 (en) * 1998-03-23 2003-09-02 Novell, Inc. Module authentication and binding library extensions
US6289446B1 (en) * 1998-09-29 2001-09-11 Axis Ab Exception handling utilizing call instruction with context information
US6216183B1 (en) * 1998-11-20 2001-04-10 Compaq Computer Corporation Apparatus and method for securing information entered upon an input device coupled to a universal serial bus
US6587947B1 (en) * 1999-04-01 2003-07-01 Intel Corporation System and method for verification of off-chip processor code
US6594761B1 (en) * 1999-06-09 2003-07-15 Cloakware Corporation Tamper resistant software encoding
US7430670B1 (en) * 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
IL132916A (en) * 1999-11-14 2004-02-08 Mcafee Inc Method and system for intercepting an application program interface
US7162032B2 (en) * 1999-12-20 2007-01-09 Telenor Asa Encryption of programs represented as polynomial mappings and their computations
US6829710B1 (en) * 2000-03-14 2004-12-07 Microsoft Corporation Technique for producing, through watermarking, highly tamper-resistant executable code and resulting “watermarked” code so formed
US7000119B1 (en) * 2000-04-20 2006-02-14 Realnetworks, Inc. Instruction/data protection employing derived obscuring instruction/data
DE20009234U1 (en) * 2000-05-23 2000-08-24 Buerkert Werke Gmbh & Co Fluidic connection system
US7065652B1 (en) * 2000-06-21 2006-06-20 Aladdin Knowledge Systems, Ltd. System for obfuscating computer code upon disassembly

Patent Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4806745A (en) * 1986-04-18 1989-02-21 Sharp Kabushiki Kaisha IC card with fewer input keys
US5276314A (en) * 1992-04-03 1994-01-04 International Business Machines Corporation Identity verification system resistant to compromise by observation of its use
US5596718A (en) * 1992-07-10 1997-01-21 Secure Computing Corporation Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
FR2693809A1 (en) * 1992-07-15 1994-01-21 Lemasson Jean Claude Randomised coded electronic security access method - using pushbuttons associated with characters in random sequence controlled by microprocessor
US5949348A (en) * 1992-08-17 1999-09-07 Ncr Corporation Method and apparatus for variable keyboard display
US5428349A (en) * 1992-10-01 1995-06-27 Baker; Daniel G. Nondisclosing password entry system
US6006328A (en) * 1995-07-14 1999-12-21 Christopher N. Drake Computer software authentication, protection, and security system
US5867647A (en) * 1996-02-09 1999-02-02 Secure Computing Corporation System and method for securing compiled program code
US6009543A (en) * 1996-03-01 1999-12-28 Massachusetts Institute Of Technology Secure software system and related techniques
US5748888A (en) * 1996-05-29 1998-05-05 Compaq Computer Corporation Method and apparatus for providing secure and private keyboard communications in computer systems
US5892899A (en) * 1996-06-13 1999-04-06 Intel Corporation Tamper resistant methods and apparatus
US6052780A (en) * 1996-09-12 2000-04-18 Open Security Solutions, Llc Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information
US5949882A (en) * 1996-12-13 1999-09-07 Compaq Computer Corporation Method and apparatus for allowing access to secured computer resources by utilzing a password and an external encryption algorithm
US5966536A (en) * 1997-05-28 1999-10-12 Sun Microsystems, Inc. Method and apparatus for generating an optimized target executable computer program using an optimized source executable
WO1999001815A1 (en) * 1997-06-09 1999-01-14 Intertrust, Incorporated Obfuscation techniques for enhancing software security
US5903761A (en) * 1997-10-31 1999-05-11 Preemptive Solutions, Inc. Method of reducing the number of instructions in a program code sequence
WO1999030229A1 (en) * 1997-12-11 1999-06-17 Digits Corp. Object code analysis and remediation system and method

Also Published As

Publication number Publication date
AU2001269354A1 (en) 2001-11-20
WO2001086372A9 (en) 2002-08-15
US20020016918A1 (en) 2002-02-07
CA2447451A1 (en) 2001-11-15
US7171693B2 (en) 2007-01-30
CA2447451C (en) 2013-02-12
US20050289511A1 (en) 2005-12-29
US7555780B2 (en) 2009-06-30
US20050257054A1 (en) 2005-11-17
US20060075260A1 (en) 2006-04-06
WO2001086372A2 (en) 2001-11-15

Similar Documents

Publication Publication Date Title
WO2001086372A3 (en) Information security method and system
US7464269B2 (en) Secure method and system for handling and distributing digital media
US5677952A (en) Method to protect information on a computer storage device
US8458792B2 (en) Secure method and system for computer protection
WO2003042799A3 (en) Device and method with reduced information leakage
JP4522645B2 (en) Method and system for cryptographically protecting secure content
EP1253503A3 (en) Protection of software against use without permit
WO2006036320A3 (en) System and method for creating a security application for programmable cryptography module
US20060143437A1 (en) System and method for integrating secure and non-secure software objects
US20120079281A1 (en) Systems and methods for diversification of encryption algorithms and obfuscation symbols, symbol spaces and/or schemas
Boivie et al. SecureBlue++: CPU support for secure execution
US20020112158A1 (en) Executable file protection
WO2003054662A3 (en) A system and method for preventing unauthorized use of protected software utilizing a portable security device
US7266688B2 (en) Methods for improved security of software applications
RU2370897C2 (en) System of block cryptographical protection, using conversions to hide main function of cryptographic protection of each coding cycle
TW200629855A (en) Confidential information processing method, confidential information processing device, and contents data reproducing device
KR20130020861A (en) Software modulation prevention method using own encryption
CN100446019C (en) Software copyright protection method
CN103605927A (en) Encryption and decryption method based on embedded Linux system
WO2002037222A3 (en) Electronic file protection using location
KR20020071274A (en) Universal Serial Bus(USB) security secondary storage device using Crypto Chip and Flash memory based on PC
US20040156501A1 (en) Font level encryption method and apparatus
WO2002044850A3 (en) System and method for securing an application for execution on a computer
CN116933284A (en) File processing method and device and electronic equipment
WO2002021791A3 (en) Internet switch

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

COP Corrected version of pamphlet

Free format text: PAGES 34 AND 35, CLAIMS REPLACED BY NEW PAGES 34 AND 35; PAGE 6/16, DRAWINGS, REPLACED BY A NEW PAGE 6/15; AFTER RECTIFICATION OF OBVIOUS ERRORS AS AUTHORIZED BY THE INTERNATIONAL SEARCHING AUTHORITY

122 Ep: pct application non-entry in european phase
WWE Wipo information: entry into national phase

Ref document number: 2447451

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: JP