Malicious Mobile Code Runtime Monitoring System and Methods

  • US 20150288720A1
  • Filed: 06/05/2015
  • Published: 10/08/2015
  • Est. Priority Date: 11/08/1996
  • Status: Active Grant
First Claim
Patent Images

1. A system for reviewing an operating system call issued by a downloadable, comprising:

  • an operating system probe associated with an operating system function for intercepting an operating system call being issued by a downloadable to an operating system and associated with the operating system function;

    a runtime environment monitor for comparing the operating system call against a predetermined security policy including multiple security rules to determine if execution of the operating system call violates one or more of the multiple security rules before allowing the operating system to process the operating system call and for forwarding a message to a response engine when the comparison by the runtime environment monitor indicates a violation of one or more of the multiple security rules;

    a response engine for compiling each rule violation indicated in the messages forwarded by the runtime environment monitor, for blocking execution of operating system calls that are forbidden according to the security policy when execution of the operating system calls would result in a violation of a predetermined combination of multiple security rules of the predetermined security policy and for allowing execution of operating system calls that are permitted according to the security policy.

View all claims

    Thank you for your feedback