Systems and methods for identifying external functions called by untrusted applications
US8621606B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 31, 2007 |
| Grant date | Dec 31, 2013 |
| Priority date | — |
| Expiry date | Jan 7, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/57
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computer-implemented method for identifying external functions called by an untrusted application may comprise loading an untrusted application into an emulated computing environment, executing a first computer-readable instruction of the untrusted application within the emulated computing environment, intercepting a request to access an external-function-specific region of memory, and identifying, by analyzing the request, an external function to be called by the first computer-readable instruction. The method may also comprise identifying an address associated with the external function and/or identifying a name associated with the external function. The name associated with the external function may be used to recreate an import table for the untrusted application. Corresponding systems and computer-readable media are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.