Patent · US Active

Hardware-assisted system and method for detecting and analyzing system calls made to an operating system kernel

US12032661B2 · kind B2 · utility

0Cited by

17References

20Claims

0Family size

Assignee

Endgame, Inc. · US

Inventor

Matthew D. Spisak · Columbus, US

Key dates

Filing date	Jun 14, 2021
Grant date	Jul 9, 2024
Priority date	—
Expiry date	Jun 14, 2041

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2101
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The present disclosure relates to a system and method for monitoring system calls to an operating system kernel. A performance monitoring unit is used to monitor system calls and to gather information about each system call. The information is gathered upon interrupting the system call and can include system call type, parameters, and information about the calling thread/process, in order to determine whether the system call was generated by malicious software code. Potentially malicious software code is nullified by a malicious code counter-attack module.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.