Patent · US Active

Methods to impede common file/process hiding techniques

US9898615B1 · kind B1 · utility

1Cited by

1References

11Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Nathan Evans · Sterling, US
Azzedine Benameur · Fairfax, US
Yun Shen · Bristol, GB

Key dates

Filing date	Aug 20, 2015
Grant date	Feb 20, 2018
Priority date	—
Expiry date	Feb 20, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1441
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A processor-based method to defeat file and process hiding techniques in a computing device is provided. The method includes generating one of a path permutation, a symlink, or an address, for a path to open or obtain status of a tool or function in a library in a mobile computing device and making an open or status call for the tool or function, using the one of the path permutation, symlink or address. The method includes avoiding a pattern match and blocking, by an injected library, of the open or status call, the avoiding being a result of making the open or status call using the path permutation, symlink or address.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.