Patents Assigned to Narf Industries, LLC
  • Patent number: 10866908
    Abstract: A system and method is provided for probabilistic defense against remote exploitation of memory. In certain embodiments, the system comprises one or more processors, read and execute (RX) portions of memory, read and write (RW) portions of memory, execute only (XOM) portions of memory, and one or more programs stored in the memory. The one or more programs include instructions for maintaining all pointers to RX memory instructions in XOM memory. In addition, the one or more programs include instructions for preventing all direct references to RX memory in RW memory by forcing pointers in RW memory to reference XOM memory first, which then references RX memory instructions.
    Type: Grant
    Filed: May 19, 2017
    Date of Patent: December 15, 2020
    Assignee: NARF INDUSTRIES, LLC
    Inventors: Paul E. Makowski, Benjamin L. Schmidt, Maxwell J. Koo
  • Patent number: 10805336
    Abstract: A system and method for identifying and preventing vulnerability exploitation is provided. The system comprises a processor and memory. The memory stores one or more programs comprising instructions to execute a method. The method first comprises comparing a first version of a software module with a second version of a software module. Second, the system determines one or more differences between the first version and the second version. Next, the system represents the one or more differences as symbolic constraints. Last, the system generates a firewall for identifying exploitative input using the symbolic constraints.
    Type: Grant
    Filed: December 5, 2018
    Date of Patent: October 13, 2020
    Assignee: Narf Industries, LLC
    Inventors: Paul Makowski, Benjamin Schmidt
  • Patent number: 10747686
    Abstract: A system and method is provided for secure establishment of a trusted enclave among co-privileged executable code. The system comprises one or more processors; execute only memory; and one or more programs stored in the memory. The one or more programs comprise instructions to establish a trusted enclave and an untrusted enclave in kernel space code, wherein the trusted enclave and the untrusted enclave are co-privileged from the perspective of the processor. The trusted code has the ability to modify page tables and the untrusted code does not have the ability to modify page tables. Any changes to memory mappings involve the trusted code. Page tables are mapped as read-only during execution of the untrusted code and mapped as writeable only during execution of the trusted code.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: August 18, 2020
    Assignee: NARF INDUSTRIES, LLC
    Inventors: Paul E. Makowski, Benjamin L. Schmidt, Maxwell J. Koo
  • Publication number: 20190116201
    Abstract: A system and method for identifying and preventing vulnerability exploitation is provided. The system comprises a processor and memory. The memory stores one or more programs comprising instructions to execute a method. The method first comprises comparing a first version of a software module with a second version of a software module. Second, the system determines one or more differences between the first version and the second version. Next, the system represents the one or more differences as symbolic constraints. Last, the system generates a firewall for identifying exploitative input using the symbolic constraints.
    Type: Application
    Filed: December 5, 2018
    Publication date: April 18, 2019
    Applicant: Narf Industries, LLC
    Inventors: PAUL MAKOWSKI, Benjamin Schmidt
  • Patent number: 10187418
    Abstract: A system and method for identifying and preventing vulnerability exploitation is provided. The system comprises a processor and memory. The memory stores one or more programs comprising instructions to execute a method. The method first comprises comparing a first version of a software module with a second version of a software module. Second, the system determines one or more differences between the first version and the second version. Next, the system represents the one or more differences as symbolic constraints. Last, the system generates a firewall for identifying exploitative input using the symbolic constraints.
    Type: Grant
    Filed: July 13, 2016
    Date of Patent: January 22, 2019
    Assignee: NARF INDUSTRIES, LLC
    Inventors: Paul Makowski, Benjamin Schmidt
  • Publication number: 20180181498
    Abstract: A system and method is provided for secure establishment of a trusted enclave among co-privileged executable code. The system comprises one or more processors; execute only memory; and one or more programs stored in the memory. The one or more programs comprise instructions to establish a trusted enclave and an untrusted enclave in kernel space code, wherein the trusted enclave and the untrusted enclave are co-privileged from the perspective of the processor. The trusted code has the ability to modify page tables and the untrusted code does not have the ability to modify page tables. Any changes to memory mappings involve the trusted code. Page tables are mapped as read-only during execution of the untrusted code and mapped as writeable only during execution of the trusted code.
    Type: Application
    Filed: December 28, 2017
    Publication date: June 28, 2018
    Applicant: Narf Industries, LLC
    Inventors: Paul E. Makowski, Benjamin L. Schmidt, Maxwell J. Koo
  • Publication number: 20170337139
    Abstract: A system and method is provided for probabilistic defense against remote exploitation of memory. In certain embodiments, the system comprises one or more processors, read and execute (RX) portions of memory, read and write (RW) portions of memory, execute only (XOM) portions of memory, and one or more programs stored in the memory. The one or more programs include instructions for maintaining all pointers to RX memory instructions in XOM memory. In addition, the one or more programs include instructions for preventing all direct references to RX memory in RW memory by forcing pointers in RW memory to reference XOM memory first, which then references RX memory instructions.
    Type: Application
    Filed: May 19, 2017
    Publication date: November 23, 2017
    Applicant: NARF INDUSTRIES, LLC
    Inventors: PAUL E. MAKOWSKI, BENJAMIN L. SCHMIDT, MAXWELL J. KOO
  • Publication number: 20170019422
    Abstract: A system and method for identifying and preventing vulnerability exploitation is provided. The system comprises a processor and memory. The memory stores one or more programs comprising instructions to execute a method. The method first comprises comparing a first version of a software module with a second version of a software module. Second, the system determines one or more differences between the first version and the second version. Next, the system represents the one or more differences as symbolic constraints. Last, the system generates a firewall for identifying exploitative input using the symbolic constraints.
    Type: Application
    Filed: July 13, 2016
    Publication date: January 19, 2017
    Applicant: Narf Industries, LLC
    Inventors: Paul Makowski, Benjamin Schmidt