D3-AH

Harden
Application Hardening

Definition

Application Hardening makes an executable application more resilient to a class of exploits which either introduce new code or execute unwanted existing code. These techniques may be applied at compile-time or on an application binary.

Technique Overview

Exploits may, for example, rely on knowledge of addresses in a process's memory, they may alter memory contents, and they may cause a program to use instructions in a way that they were not intended. By, for example, including code that dynamically changes the memory address of data or code on each run, introducing logic to validating the memory contents before certain potentially dangerous flows are executed, or monitoring a program for unusual sequence of instructions, this makes it harder for an attacker to craft a working exploit.

Artifact Relationships

This defensive technique relates to specific digital artifacts.

obfuscates
neutralizes
monitors
monitors
validates
hardens
configures
validates
enforces
validates
authenticates
validates
Application Hardening
Process Segment
Process Segment
Shadow Stack
Call Stack
Stack Frame
Application Configuration
Application Configuration
Control Flow Graph
Control Flow Policy
Pointer
Pointer
Memory Address