FUNCTIONAL PATCHING/HOOKING DETECTION AND PREVENTION
First Claim
Patent Images
1. A method for preventing malicious attacks on software, using the patching method, comprising the steps of:
- i) providing a database of legitimate and known patches, which database contains characteristic code paths of said legitimate patches;
ii) detecting whether a patch is malicious by inspecting one or more characteristic paths of said patch and matching said one or more code paths against said database of legitimate and known patches; and
iii) performing an activity needed to prevent said malicious patch from performing undesired activities.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for preventing malicious attacks on software, using the patching method, includes providing a database of legitimate and known patches, the database contains characteristic code paths of said legitimate patches. The method also includes detecting whether a patch is malicious by inspecting one or more characteristic paths of the patch and matching one or more code paths against the database of legitimate and known patches. An activity needed to prevent the malicious patch from performing undesired activities is then performed.
-
Citations
12 Claims
-
1. A method for preventing malicious attacks on software, using the patching method, comprising the steps of:
-
i) providing a database of legitimate and known patches, which database contains characteristic code paths of said legitimate patches; ii) detecting whether a patch is malicious by inspecting one or more characteristic paths of said patch and matching said one or more code paths against said database of legitimate and known patches; and iii) performing an activity needed to prevent said malicious patch from performing undesired activities. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
Specification