Qualcomm - San Diego since May 2011
Senior Product Security Engineer
Qualcomm - San Diego Jun 2010 - Apr 2011
Product Security Engineer
Georgia Institute of Technology Aug 2009 - Jul 2010
Graduate Research Assistant
Telchemy May 2009 - Aug 2009
Intern
Education:
Georgia Institute of Technology 2008 - 2010
Master of Science (MS), Computer Science
Budapesti Mûszaki és Gazdaságtudományi Egyetem 2003 - 2008
Diploma, Computer Science
Skills:
C++ Computer Security C
Us Patents
Dynamic Execution Prevention To Inhibit Return-Oriented Programming
Arun Balakrishnan - San Diego CA, US Alexander Gantman - Poway CA, US Renwei Ge - San Diego CA, US Daniel Komaromy - San Diego CA, US Yinian Mao - San Diego CA, US Anand Palanigounder - San Diego CA, US Brian M. Rosenberg - San Diego CA, US
Assignee:
QUALCOMM Incorporated - San Diego CA
International Classification:
G06F 21/00
US Classification:
726 22
Abstract:
A method, apparatus, and/or system for execution prevention is provided. A state indicator for a first subset of a plurality of memory pages of executable code in a memory device is set to a non-executable state. A state indicator for a second subset of the plurality of memory pages is set to an executable state, where the second subset of the plurality of memory pages includes indirection stubs to functions in the first subset of the plurality of memory pages. Upon execution of an application, a function call is directed to a corresponding indirection stub in the second subset of the plurality of memory pages which modifies the state indicator for a corresponding function in the first subset of the plurality of memory pages prior to directing execution of the called function from the first subset of the plurality of memory pages.
Methods, Devices, And Systems For Detecting Return-Oriented Programming Exploits
Daniel KOMAROMY - San Diego CA, US Alex Gantman - Poway CA, US Brian M. Rosenberg - San Diego CA, US Arun Balakrishan - San Diego CA, US Renwei Ge - San Diego CA, US Gregory G. Rose - San Diego CA, US Anand Palanigounder - San Diego CA, US
Assignee:
QUALCOMM Incorporated - San Diego CA
International Classification:
G06F 21/00
US Classification:
726 22
Abstract:
Methods, devices, and systems for detecting return-oriented programming (ROP) exploits are disclosed. A system includes a processor, a main memory, and a cache memory. A cache monitor develops an instruction loading profile by monitoring accesses to cached instructions found in the cache memory and misses to instructions not currently in the cache memory. A remedial action unit terminates execution of one or more of the valid code sequences if the instruction loading profile is indicative of execution of an ROP exploit involving one or more valid code sequences. The instruction loading profile may be a hit/miss ratio derived from monitoring cache hits relative to cache misses. The ROP exploits may include code snippets that each include an executable instruction and a return instruction from valid code sequences.