Patent · US Active

Preventing malware from abusing application data

US8499354B1 · kind B1 · utility

80Cited by

2References

19Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Sourabh Satish · Fremont, US
William E. Sobel · Jamul, US

Key dates

Filing date	Mar 15, 2011
Grant date	Jul 30, 2013
Priority date	—
Expiry date	Jul 9, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F9/44521
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

An attempted exploit of a vulnerability of an application executed by a computer is detected. The exploit attempts to call an application programming interface (API) and abuse application data through a malicious parameter of the call. The API of the application is hooked and monitored for a call made to the hooked API. A parameter of the call is analyzed to determine whether the parameter has a malicious characteristic indicating an attempt to use data within an address space of the application to execute malicious software. A remediation action is taken responsive to determining that the parameter has a malicious characteristic.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.