Responding to detected application vulnerability exploits
US7962961B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 13, 2007 |
| Grant date | Jun 14, 2011 |
| Priority date | — |
| Expiry date | Feb 25, 2030 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2101
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A security module detects attempted exploitations of vulnerabilities of an application executing on a computer. A robust function of the application having native error handling functionality is identified. The security module wraps the robust function with an exception handler that catches a “security violation” exception. The exception handler returns an error code of a type that is handled by the application's native error handling functionality. The security module also hooks the application. When a hook is followed, the security module determines whether a vulnerability in the application is being exploited. If an attempted exploit is detected, the security module throws the security violation exception. The application's native error handling functionality unwinds the call stack for the application until it reaches the exception handler wrapping the robust function. The exception handler catches the security violation exception and returns the error code to the application's native error handling functionality.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.