Please download the dossier by clicking on the dossier button x
×

Detection and mitigation of malicious invocation of sensitive code

  • US 9,886,577 B2
  • Filed: 09/26/2014
  • Issued: 02/06/2018
  • Est. Priority Date: 09/26/2014
  • Status: Active Grant
First Claim
Patent Images

1. At least one non-transitory computer-readable medium comprising one or more instructions that when executed by at least one processor:

  • identify regions of code in an extended page table that includes API code pages to be monitored;

    probe and lock code pages that include the identified regions of code;

    remap the code pages as executable in an alternate extended page table view only;

    detect a page load, wherein the page load is for a page that does not include the proper entry point of an API;

    determine, based on detecting the page load of the page that does not include the proper entry point of the API, from the extended page table whether the page is to be monitored; and

    generate, based on the determination that the page is to be monitored, an execution fault.

View all claims
  • 10 Assignments
Timeline View
Assignment View
    ×
    ×