Patent · US Active

Method and apparatus for detecting shellcode insertion

US8984637B2 · kind B2 · utility

32Cited by

12References

15Claims

0Family size

Assignee

F-Secure Corporation · FI

Inventors

Vinay Karecha · George Town, MY
Hirosh Joseph · George Town, MY

Key dates

Filing date	Dec 15, 2009
Grant date	Mar 17, 2015
Priority date	—
Expiry date	Apr 1, 2033

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/52
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method of detecting malware present on a computer system where the computer system is running an application. The method includes redirecting a function call, made by the application to a decoding function that performs decoding of an argument provided to it by an application, to a scanning function. The scanning function is then employed to scan an argument of the function call for suspect code or data. In the event that suspect code or data is detected, the function call is inhibited, otherwise program control is returned to the called decoding function.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.