首页>
外国专利>
Selective assessment of maliciousness of software code executed in the address space of a trusted process
Selective assessment of maliciousness of software code executed in the address space of a trusted process
展开▼
机译:选择性评估在受信任进程的地址空间中执行的软件代码的恶意性
展开▼
页面导航
摘要
著录项
相似文献
摘要
System and method for detection of malicious code injected into processes associated with known programs. Execution of processes in a computer system is monitored. From among the processes being monitored, only certain processes are selected for tracking. For each of the processes selected, function calls made by threads of the process are tracked. From among the tracked function calls, only those function calls which are critical function calls are identified. For each identified critical function call, program instructions that caused the critical function call are subjected to analysis to assess their maliciousness.
展开▼