×

Detection of exploitative program code

  • US 10,685,110 B2
  • Filed: 12/29/2017
  • Issued: 06/16/2020
  • Est. Priority Date: 12/29/2017
  • Status: Active Grant
First Claim
Patent Images

1. A method for detecting potentially exploitative code, the method comprising:

  • running potentially exploitative code as a child process, the potentially exploitative code associated with a set of program code;

    receiving computer information that is associated with the set of program code, the computer information including data and information associated with internal structures associated with the set of program code;

    analyzing the data and the information associated with the internal structures associated with the set of program code as the potentially exploitative code is run as the child process;

    identifying that the data and the information associated with the internal structures is consistent with suspicious activity based on identifying that a region of memory allocated for storing non-executable program data has been associated with an executable function; and

    classifying the computer information as being suspicious based on the identification that the region of memory allocated for storing the non-executable program data has been associated with the executable function.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×