发明授权
US08612995B1 Method and apparatus for monitoring code injection into a process executing on a computer
有权
用于监视代码注入到在计算机上执行的进程的方法和装置
- 专利标题: Method and apparatus for monitoring code injection into a process executing on a computer
- 专利标题(中): 用于监视代码注入到在计算机上执行的进程的方法和装置
-
申请号: US12415803申请日: 2009-03-31
-
公开(公告)号: US08612995B1公开(公告)日: 2013-12-17
- 发明人: James Yun
- 申请人: James Yun
- 申请人地址: US CA Mountain View
- 专利权人: Symantec Corporation
- 当前专利权人: Symantec Corporation
- 当前专利权人地址: US CA Mountain View
- 代理机构: Wilmer Cutler Pickering Hale and Dorr LLP
- 主分类号: G06F13/00
- IPC分类号: G06F13/00
摘要:
Method, apparatus, and computer readable medium for monitoring code injection in a computer is described. In some examples, at least one application programming interface (API) call configured to inject data into a process executing on the computer is intercepted. The data is parsed to identify instruction code to be performed by the process. The instruction code is compared with instances of predetermined instruction code to produce a score for the instruction code. The data is prevented from being injected into the process in response to the score satisfying a threshold score. The data may be allowed to be injected into the process in response to the score not satisfying the threshold score.
信息查询
