Abstract: A method for digital immunity includes identifying a call graph of an executable entity, and mapping nodes of the call graph to a cipher table of obscured information, such that each node based on invariants in the executable entity. A cipher table maintains associations between the invariants and the obscured information. Construction of an obscured information item, such as a executable set of instructions or a program, involves extracting, from the cipher table, ordered portions of the obscured information, in which the ordered portions have a sequence based on the ordering of the invariants, and ensuring that the obscured information matches a predetermined ordering corresponding to acceptable operation, such as by execution of the instructions represented by the obscured information, or steganographic target program (to distinguish from the executable entity being evaluated). The unmodified nature of the executable entity is assured by successful execution of the steganographic target program.

Abstract: A method for digital immunity includes identifying a call graph of an executable entity, and mapping nodes of the call graph to a cipher table of obscured information, such that each node based on invariants in the executable entity. A cipher table maintains associations between the invariants and the obscured information. Construction of an obscured information item, such as a executable set of instructions or a program, involves extracting, from the cipher table, ordered portions of the obscured information, in which the ordered portions have a sequence based on the ordering of the invariants, and ensuring that the obscured information matches a predetermined ordering corresponding to acceptable operation, such as by execution of the instructions represented by the obscured information, or steganographic target program (to distinguish from the executable entity being evaluated). The unmodified nature of the executable entity is assured by successful execution of the steganographic target program.

Abstract: A method for digital immunity includes identifying a call graph of an executable entity, and mapping nodes of the call graph to a cipher table of obscured information, such that each node based on invariants in the executable entity. A cipher table maintains associations between the invariants and the obscured information. Construction of an obscured information item, such as a executable set of instructions or a program, involves extracting, from the cipher table, ordered portions of the obscured information, in which the ordered portions have a sequence based on the ordering of the invariants, and ensuring that the obscured information matches a predetermined ordering corresponding to acceptable operation, such as by execution of the instructions represented by the obscured information, or steganographic target program (to distinguish from the executable entity being evaluated). The unmodified nature of the executable entity is assured by successful execution of the steganographic target program.