Systems and methods of protecting data from malware processes
US10929537B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 29, 2016 |
| Grant date | Feb 23, 2021 |
| Priority date | — |
| Expiry date | Jun 23, 2037 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The present disclosure pertains to methods and systems for protecting data or other resources from malware. A driver executing in kernel mode of an operating system on a computing device may monitor one or more processes allowed to execute on the computing device. The one or more processes may include a first executing process. The driver may detect an attempt by a first thread of execution of the first executing process to access a protected file. The driver, responsive to the detection may identify a file type of the protected file. The driver, responsive to the identification of the file type, may determine whether the process is in a list of processes allowed for the file type. The drive may, responsive to determination, determine whether to deny or allow the first thread to access the protected file while allowing another thread of the executing process to execute on the computing device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.