Methods for protecting software hooks, and related computer security systems and apparatus
US11042633B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 27, 2018 |
| Grant date | Jun 22, 2021 |
| Priority date | — |
| Expiry date | Sep 15, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F9/455
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computing apparatus for protecting software hooks from interference may include a processing device and a memory access monitoring device configured to monitor access to the memory addresses of one or more hooks. When a task T1 attempts to write to a memory address of a monitored hook, the monitoring device may generate a notification (e.g., an interrupt), and the processing device may pause execution of the task T1 and initiate execution of a hook protection task T2. The hook protection task T2 may determine whether to allow task T1 to modify the monitored hook. If task T1 is not a trusted task (e.g., if task T1 is or may be malware), the processing device blocks T1 from modifying the monitored hook. In this manner, some attempts to unhook critical software hooks may be thwarted.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.