Computer software may be vulnerable to external attacks that aim to control its behavior. Typically, such attacks arrive as data over a regular communication channel and exploit pre-existing software flaws. By exploiting a flaw, an attack in the form, for example, of a worm or virus may subvert software execution and gain control over software behavior. Worms or viruses may insert themselves into an execution flow of software and divert the flow from the software-planned course to a course dictated by the worm or virus. The software flaw may be at the machine code level, and the attack may divert execution of software machine code, leading to the execution of an unanticipated sequence of machine code instructions.
A typical approach to protecting software against such worms or viruses is to reduce or attempt to eliminate flaws in software coding. A problem with this approach is that it may be very difficult to eliminate all flaws in a piece of software. Other mitigation approaches depend on computer systems independently picking arbitrary values from a large potential set of values, and attempting to surround or convolve important metadata (that an attacker may want to modify) with those arbitrary values—such that the attacker must, for a successful attack, make use of the actual values chosen. These approaches cannot guarantee that the attacker will not learn the chosen values, and may be ineffective if an attacker learns or successfully guesses the chosen value. More broadly, such approaches may not prevent many attacks that may in particular modify machine memory.
Therefore, there is a need for a defense against viruses, worms, and other attacks on computers that is not dependent on the secrecy of arbitrarily chosen values and that can resist attacks that may modify memory.