Systems and methods of protecting data from injected malware
US11269989B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Apr 3, 2020 |
| Grant date | Mar 8, 2022 |
| Priority date | — |
| Expiry date | May 14, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/566
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Provided herein are systems and methods for protecting data from injected malware. In some embodiments, a virtual memory validator may execute in user mode memory space on a computing device. The virtual memory validator may monitor an execution stack of an executing thread of a process. The virtual memory validator may identify a memory address referenced in the execution stack, responsive to the process attempting to access a protected resource. The virtual memory validator may determine that the memory address refers to a memory region that is designated as executable. The virtual memory validator may determine that the memory address is outside memory regions identified in a memory range map. The virtual memory validator may, responsive to the determination, identify the process as a potential malware process.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.