Deterring reverse-engineering of software systems by randomizing the siting of stack-based data

Abstract

A given software process is composed on one or more threads of execution. Each thread possesses its own stack, a region of memory set aside by the operating system for that thread to store data. Popular programming languages rely heavily on stack-based data (frequently referred to as 'local' or 'automatic' data). It is a characteristic of deterministic machines like computers that, given the same problem to process with the same data, the same results, both intermediate and final, will result. This even extends to the sequence the software running on the computer will take to process the problem or data. This in turn means that for each thread making up the program, the data layout in the thread's stack will be relatively consistent each time the program gets to a similar point in the processing of the problem and/or data. This represents a potential “point of repeatability” that a hacker can take advantage of. Embodiments of the current invention address this by introducing random amounts of “padding” into a thread's stack, such that all data objects that exist “below” that point in the stack are offset by the amount of this random padding. A thread could have several points in its stack where the padding is introduced, resulting in better (more difficult to hack) randomization.