Startup Determina has released a product that they claim protects
against 100% of all memory based attacks, including all types of buffer
overflows, without any false positives, false negatives or noticeable

This is appareantly based on work done by their CTO, Dr. Saman
Amarasinghe, who is an Associate Professor of the Department of
Electrical Engineering and Computer Science at MIT. 

If this is based on work from MIT I guess the research should be public,
but I have trouble finding evidence that support these broad claims.

Broad overview at

More in-depth overview at

The paper gives some graphs about jump points and break instructions. I
would guess that they have a rootkit that hooks all kernel and user
space functions that deal with memory allocation and process creation.
When a process is created they probably generate a map of all
carry/jump/break instructions which they use to compare with once
anything in the system tries to alter the process memory space through
the system functions they are proxying. If anything tries to change the
existing execution roadmap they just disregard that request for a
process memory change. 


Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
Stock symbol: (PIVX)
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569

PivX defines a new genre in Desktop Security: Proactive Threat

Reply via email to