Invention Grant
- Patent Title: Automated protection against computer exploits
- Patent Title (中): 自动防护计算机漏洞
-
Application No.: US13648863Application Date: 2012-10-10
-
Publication No.: US08990934B2Publication Date: 2015-03-24
- Inventor: Mikhail A. Pavlyushchik
- Applicant: Kaspersky Lab ZAO
- Applicant Address: RU Moscow
- Assignee: Kaspersky Lab ZAO
- Current Assignee: Kaspersky Lab ZAO
- Current Assignee Address: RU Moscow
- Agency: Patterson, Thuente, Pedersen, P.A.
- Priority: RU2012106465 20120224
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F21/00
Abstract:
Protection of a computer system against exploits. A computer system has a memory access control arrangement in which at least write and execute privileges are enforced for allocated portions of memory. An association of the process thread and the first portion of memory is recorded. A limited access regime in which one of the write and execute privileges is disabled, is established, and is monitored for any exceptions occurring due to attempted writing or execution in violation thereof. In response to the exception being determined as a write exception, the associated process thread is looked up, and analyzed for a presence of malicious code. In response to the exception type being determined as an execute exception, the first portion of memory is analyzed for a presence of malicious code. In response to detection of a presence of malicious code, execution of the malicious code is prevented.
Public/Granted literature
- US20130227680A1 AUTOMATED PROTECTION AGAINST COMPUTER EXPLOITS Public/Granted day:2013-08-29
Information query
