The end justifies the means. It seems that today's processors follow this Machiavellian precept to achieve ever more impressive performance. However, this has a critical negative impact on security, because it neglects some basic recommendations on program execution. Despite huge efforts in the formal proof domain, secure coding is still not within easy reach of humans or machines, meaning that, in essence, software code contains bugs. These software bugs represent as many breaches in cyber-protection, constituting an abundant or even boundless source of weaknesses and attack paths that cannot be predicted and giving rise to so-called "Zero-Day Attacks". Structural protection allowing permanent alertness and long-term efficiency has to be preferred to "Patch and Pray" solutions, which always come too late and are poorly efficient, even though they are common and standard today at the software level.
To break the deadlock, Secure-IC is convinced that the hardware layer must cooperate more deeply with the software layers to bridge this security gap. Hardware must become a security partner to prevent ever-evolving cyber-attacks at the root. In addition to its strategic position at the lowest OSI level, hardware IP presents outstanding properties in terms of reactivity, allowing it to detect zero-day attacks before execution, and in terms of security, since it is much harder to compromise. We are not alone on this track: the US DARPA has recently launched a program called System Security Integrated Through Hardware and Firmware, following the same reasoning.
The Cyber Escort Unit is designed to fill the security gap between software cybersecurity and hardware by escorting the program execution step by step, achieving high execution performance in a secure way and allowing real-time detection of zero-day attacks. Unique on the market, this product builds the foundation for hardware-enabled cybersecurity.
It is the only tool on the market that comprises technologies for detecting and deceiving cyberattacks. This technology acts on the fly. More precisely, the Cyber Escort Unit (CyberEU for short) is a two-fold technology aiming to protect against four threats:
Return-Oriented Programming (ROP), Jump-Oriented Programming (JOP): the attacker reuses chunks of code to assemble a malicious program as a patchwork.
Stack Smashing, by exploiting a buffer overrun, an integer underflow or overflow, etc.: the attacker crafts fake stack frames in order to change the program context.
Executable Code Modification, Overwrite: the attacker manages to change the genuine program into a malicious program.
Control Flow Hijacking: the attacker manipulates the program so that it calls an illicit function or takes an illicit branch.
These threats account for a large number of the vulnerabilities encountered in practice. For instance, more than a quarter of the attacks on Supervisory Control and Data Acquisition (SCADA) systems (Figure 1) consist of improper restriction of operations within the bounds of a memory buffer.