Patent · US Active

Hardware—assisted system and method for detecting and analyzing system calls made to an operating system kernel

US11120106B2 · kind B2 · utility

3Cited by

12References

23Claims

0Family size

Assignee

Endgame, Inc. · US

Inventor

Matthew D. Spisak · Columbus, US

Key dates

Filing date	Jul 30, 2016
Grant date	Sep 14, 2021
Priority date	—
Expiry date	Jul 30, 2036

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2101
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The present disclosure relates to a system and method for monitoring system calls to an operating system kernel. A performance monitoring unit is used to monitor system calls and to gather information about each system call. The information is gathered upon interrupting the system call and can include system call type, parameters, and information about the calling thread/process, in order to determine whether the system call was generated by malicious software code. Potentially malicious software code is nullified by a malicious code counter-attack module.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.