Invention Grant
- Patent Title: Information-processing device, information-processing method, and recording medium that block intrusion of malicious program to kernel
-
Application No.: US15306823Application Date: 2015-05-15
-
Publication No.: US10380336B2Publication Date: 2019-08-13
- Inventor: Junko Suginaka
- Applicant: Junko Suginaka
- Agency: Volpe and Koenig, P.C.
- Priority: JP2014-102114 20140516
- International Application: PCT/JP2015/063975 WO 20150515
- International Announcement: WO2015/174512 WO 20151119
- Main IPC: G06F21/52
- IPC: G06F21/52 ; G06F11/30 ; G06F9/445 ; G06F21/56 ; H04L29/06
Abstract:
An information processing device (1) includes: a Syscall instruction monitoring part (313) configured to monitor at least an instruction to pass processing to a kernel (35) of an OS among instructions issued to a CPU (11); and an exclusive loader (201) configured to load a monitoring software (31) functioning as the Syscall instruction monitoring part (313) at region A in a RAM (30), the monitoring software set at ring 0 that is higher than ring (2) set for the kernel (35) of the OS. Even when an access is tried to a resource by executing a malicious program, the access can be detected and intrusion of the malicious program to the kernel can be blocked.
Public/Granted literature
- US20170220795A1 INFORMATION-PROCESSING DEVICE, INFORMATION-PROCESSING MONITORING METHOD, AND RECORDING MEDIUM Public/Granted day:2017-08-03
Information query
