Patent · US Active

Collecting malware samples via unauthorized download protection

US8353033B1 · kind B1 · utility

49Cited by

6References

11Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Joseph Chen · Los Angeles, US
Brendon Woirhaye · Whittier, US

Key dates

Filing date	Jul 2, 2008
Grant date	Jan 8, 2013
Priority date	—
Expiry date	Apr 2, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/145
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A hook is set for one or more downloading functions. Subsequently, code is executed within an application process. Responsive to the executed code calling one of the hooked functions to download code, a return address of the called function is examined. If the return address is within a memory area not marked executable, the code is permitted to be downloaded and the downloaded code is submitted to a security server for analysis.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.