Market Overview

Software Security: How To Protect Software From Cyber Security Attacks

Share:

BOSTON, Jan. 2, 2019 /PRNewswire/ -- Zeus SW Defender, LLC (http://www.zeusswdef.com) has announced the Zeus Software Defender Technology ("Zeus") for protecting software programs from potential cyber security attacks by hardening the software programs.

Software security is an essential element of cyber security.

Among various ways of cyber security, protection of software becomes a key issue in cyber security as the deployments of embedded software systems such as in IoT (Internet of Things) Devices, Drones, and Autonomous Vehicles are increasing exponentially. Software vulnerabilities exist in all types of software. A well known software vulnerability is the buffer overflow. The buffer overflow occurs when a software program attempts to write data into a memory buffer beyond its boundary. Attackers exploit buffer overflow to intercept control-flow of software programs or disclose information critical to security. In particular, attackers employ buffer overflow to overwrite a pointer, i.e. a memory location that contains an address of an instruction which the processor will jump to and execute during program execution. For information leak, attackers overwrite a specific memory location checking if crash occurs. If not, the written bits are what are at the location.

Patent pending Zeus performs the dynamic re-encryption of code pointers to protect software programs written in C/C++ programming language from buffer overflow attacks for interception and disclosure of control-flow. Zeus can successfully mitigate real world cyber attacks reported in CVE (common world attacks). As examples, Zeus can block control-flow hijacking caused by a stack buffer overflow vulnerability CVE-2018-18409 of an open source tcpflow (https://github.com/simsong/tcpflow/wiki); CVE-2018-17439 and CVE-2018-15671 of a data management SW HDF5 (https://www.hdfgroup.org/downloads); and CVE-2013-2028 of  Nginx web server leaking a return address byte-by-byte (https://www.rapid7.com/db/vulnerabilities/nginx-cve-2013-2028). Zeus injects code fragments into programs at compile time so that the programs harden themselves by encryption and re-encryption at runtime. Zeus has low overhead in execution time and does not require any additional security features outside of the program. Since Zeus can cover zero-day attacks, Zeus dramatically reduces the risks caused by buffer overflow. Zeus can be implemented into C/C++ Compliers.

For more information regarding Zeus, please contact
Alex G. Lee, PhD, Esq., CLP
Managing Partner
Zeus SW Defender, LLC
alexglee@zeussfdef.com
https://www.linkedin.com/in/alexgeunholee

Zeus SW Defender, LLC is based in Boston, and is operated for Zeus Software Defender technology and related intellectual property development, commercialization, and monetization.

Related Links
Zeus Introduction: https://www.slideshare.net/alexglee/zeus-sw-defender-technology-introduction
Zeus Demo: https://www.youtube.com/watch?v=Xl8HR0ucZf4&t=55s

Cision View original content to download multimedia:http://www.prnewswire.com/news-releases/software-security-how-to-protect-software-from-cyber-security-attacks-300771518.html

SOURCE Zeus SW Defender, LLC

View Comments and Join the Discussion!
 
Don't Miss Any Updates!
News Directly in Your Inbox
Subscribe to:
Benzinga Premarket Activity
Get pre-market outlook, mid-day update and after-market roundup emails in your inbox.
Market in 5 Minutes
Everything you need to know about the market - quick & easy.
Fintech Focus
A daily collection of all things fintech, interesting developments and market updates.
Thank You

Thank you for subscribing! If you have any questions feel free to call us at 1-877-440-ZING or email us at vipaccounts@benzinga.com