US 11,853,412 B2
Systems and methods for defeating stack-based cyber attacks by randomizing stack frame size
Shane Paulsen Fry, Madison, AL (US); and David Nicholas Graham, Owens Cross Roads, AL (US)
Assigned to RUNSAFE SECURITY, INC., McLean, VA (US)
Appl. No. 17/268,580
Filed by RUNSAFE SECURITY, INC., McLean, VA (US)
PCT Filed Aug. 15, 2019, PCT No. PCT/US2019/046636
§ 371(c)(1), (2) Date Feb. 15, 2021,
PCT Pub. No. WO2020/037115, PCT Pub. Date Feb. 20, 2020.
Claims priority of provisional application 62/764,689, filed on Aug. 15, 2018.
Prior Publication US 2021/0200857 A1, Jul. 1, 2021
Int. Cl. G06F 21/52 (2013.01)
CPC G06F 21/52 (2013.01) [G06F 2221/033 (2013.01)]
26 Claims
1. A method of defending against stack-based cybersecurity attacks that exploit vulnerabilities in buffer overflows of a stack register included as part of a random access memory (RAM) configured for storing local variables of a function included in a program binary comprising:
prior to loading of the program binary into the RAM and after compilation, transforming the program binary to include modifications that relate to stack frame size;
generating a random number offset;
determining a size of a stack space originally requested by the program binary;
generating a randomized stack size by adding the random number offset to the size of the stack space originally requested by the program binary;
replacing one or more instructions including the size of the stack space with the randomized stack size;
upon entry of program flow into the function, allocating stack space on the stack register in accordance with the randomized stack size; and
upon exit of program flow from the function, de-allocating the allocated stack space.
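
The steps of claim 1, sketched as an added illustration that is not part of the patent text or RunSafe's implementation: a post-compilation rewrite of one x86-64 function's `sub rsp, imm32` / `add rsp, imm32` pair. The function names, the 16-byte alignment of the offset, the restriction to the imm32 encoding and the sample bytes are assumptions made for this example.

```python
import secrets
import struct

SUB_RSP = b"\x48\x81\xec"  # sub rsp, imm32 (allocation on function entry)
ADD_RSP = b"\x48\x81\xc4"  # add rsp, imm32 (de-allocation on function exit)
ALIGN = 16                 # assumption: preserve 16-byte stack alignment

# Constructed sample: sub rsp,0x100; mov dword [rsp+8],0; add rsp,0x100; ret
SAMPLE = bytes.fromhex("4881ec00010000" "c744240800000000" "4881c400010000" "c3")


def random_offset(max_slots=16):
    """Random number offset: a non-zero multiple of ALIGN, up to ALIGN * max_slots."""
    return ALIGN * (1 + secrets.randbelow(max_slots))


def find_frame_sizes(code):
    """Return sorted (imm32_position, opcode, size) for each sub/add rsp, imm32.

    Simplification: a raw byte scan; a real rewriter would disassemble so that
    it never mistakes data or an instruction's operand bytes for an opcode.
    """
    hits = []
    for opcode in (SUB_RSP, ADD_RSP):
        pos = code.find(opcode)
        while pos != -1 and pos + 7 <= len(code):
            (size,) = struct.unpack_from("<I", code, pos + 3)
            hits.append((pos + 3, opcode, size))
            pos = code.find(opcode, pos + 7)
    return sorted(hits)


def randomize_frame(code, offset=None):
    """Rewrite one function's stack allocation and matching de-allocation."""
    hits = find_frame_sizes(code)
    allocs = [h for h in hits if h[1] == SUB_RSP]
    if len(allocs) != 1:
        raise ValueError("expected exactly one 'sub rsp, imm32' in the function")
    original = allocs[0][2]                      # size originally requested
    if offset is None:
        offset = random_offset()
    randomized = original + offset               # randomized stack size
    if randomized > 0x7FFFFFFF:                  # imm32 is sign-extended
        raise ValueError("randomized size does not fit a positive imm32")
    out = bytearray(code)
    for imm_pos, _, size in hits:
        if size == original:                     # leave unrelated rsp adjustments
            struct.pack_into("<I", out, imm_pos, randomized)
    return bytes(out), original, randomized
```

Calling `randomize_frame(SAMPLE)` returns the patched bytes together with the original and randomized sizes; the instruction lengths are unchanged, so no code offsets move.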