Method to detect application execution hijacking using memory protection
US11244044B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 15, 2019 |
| Grant date | Feb 8, 2022 |
| Priority date | — |
| Expiry date | Feb 15, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
According to one embodiment, a malware detection software being loaded into non-transitory computer readable medium for execution by a processor. The malware detection software comprises exploit detection logic, rule-matching logic, reporting logic and user interface logic. The exploit detection logic is configured to execute certain event logic with respect to a loaded module. The rule-matching logic includes detection logic that is configured to determine whether an access source is attempting to access a protected region and determine whether the access source is from a dynamically allocated memory. The reporting logic includes alert generating logic that is configured to generate an alert while the user interface logic is configured to notify a user or a network administrator of a potential cybersecurity attack.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.