Patent · US Active

Method and system for detecting data modification within computing device

US9009474B2 · kind B2 · utility

0Cited by

4References

20Claims

0Family size

Assignee

Trend Micro Incorporated · JP

Inventors

Rares Stefan · Montréal, CA
Blake Stanton Sutherland · Almonte, CA

Key dates

Filing date	Apr 28, 2014
Grant date	Apr 14, 2015
Priority date	—
Expiry date	Apr 28, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2209/60
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method and apparatus for detecting data modification in a layered operating system is disclosed. Outbound content indicators at different layers are compared to detect potential outbound data modifications. Likewise, inbound content indicators at different layers are compared to detect potential inbound data modifications. Content indicators include checksum, cryptographic hash, signature, and fingerprint indicators. Embodiments of the present invention enable detection of data modifications across an operating system's kernel and user mode spaces, prevention of modified outbound data from reaching a network, prevention of modified input data from reaching a user application, and detection of malware and faults within an operating system.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.