Patent · US Active

Protecting user mode processes from improper tampering or termination

US8621628B2 · kind B2 · utility

8Cited by

8References

20Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Eli Zeitlin · Holon, IL
Arnon Axelrod · Matan, IL
Anil Thomas · Redmond, US
Kanwaljit Marok · Seattle, US

Key dates

Filing date	Feb 25, 2010
Grant date	Dec 31, 2013
Priority date	—
Expiry date	Dec 30, 2030

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/56
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

In one embodiment, a malware protection system may protect a computing system from a malware event. A data storage device 150 may store a watchdog filter driver 240 integrated with an operating system kernel 210. A processor 120 may intercept a process access to an application process 220 with the watchdog filter driver 240 to detect a malware event. The processor 120 may use the watchdog filter driver 240 to determine an originating process for the malware event.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.