首页> 外国专利> Selective assessment of maliciousness of software code executed in the address space of a trusted process

Selective assessment of maliciousness of software code executed in the address space of a trusted process

机译：选择性评估在受信任进程的地址空间中执行的软件代码的恶意性

页面导航

摘要
著录项
相似文献

摘要

System and method for detection of malicious code injected into processes associated with known programs. Execution of processes in a computer system is monitored. From among the processes being monitored, only certain processes are selected for tracking. For each of the processes selected, function calls made by threads of the process are tracked. From among the tracked function calls, only those function calls which are critical function calls are identified. For each identified critical function call, program instructions that caused the critical function call are subjected to analysis to assess their maliciousness.

机译：用于检测注入与已知程序关联的进程中的恶意代码的系统和方法。监视计算机系统中进程的执行。从被监视的过程中，仅选择某些过程进行跟踪。对于所选的每个进程，都会跟踪该进程的线程进行的函数调用。在跟踪的函数调用中，仅识别那些关键的函数调用。对于每个识别的关键功能调用，都会对引起关键功能调用的程序指令进行分析，以评估其恶意程度。

著录项

公开/公告号US9336390B2

专利类型
公开/公告日2016-05-10

原文格式PDF
申请/专利权人 KASPERSKY LAB ZAO;
展开▼

申请/专利号US201313938966
发明设计人 MIKHAIL A. PAVLYUSHCHIK;
展开▼

申请日2013-07-10
分类号G06F21/00;H04L29/06;G06F21/56;
国家 US
入库时间 2022-08-21 14:28:16

相似文献

专利
外文文献
中文文献