Method and apparatus for monitoring code injection into a process executing on a computer
US8612995B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Mar 31, 2009 |
| Grant date | Dec 17, 2013 |
| Priority date | — |
| Expiry date | Nov 18, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/56
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Method, apparatus, and computer readable medium for monitoring code injection in a computer is described. In some examples, at least one application programming interface (API) call configured to inject data into a process executing on the computer is intercepted. The data is parsed to identify instruction code to be performed by the process. The instruction code is compared with instances of predetermined instruction code to produce a score for the instruction code. The data is prevented from being injected into the process in response to the score satisfying a threshold score. The data may be allowed to be injected into the process in response to the score not satisfying the threshold score.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.