
US Patent No: 7,437,759
Kernel mode overflow attack prevention system and method
Stats
- Issued date: Oct 14, 2008
- Filing date: Feb 17, 2004
- Serial no: 10/781,207
- Status: In Force
Abstract
A method includes hooking a critical operating system function, stalling a call to the critical operating system function originating from a call module, determining a location of the call module in a kernel address space of a memory, and determining whether the location is in a driver area of the kernel address space. Upon a determination that the call module is not in the driver area, the method further includes taking protective action to protect a host computer system. In this event, it is highly likely that the call module is malicious code that has been injected into the kernel stack/heap through a malicious kernel mode buffer overflow attack. By taking protective action, exploitation, damage or destruction of the host computer system is prevented.
Cited Art
| Patent No. | Title | # Cites | Year |
|---|---|---|---|
| 5,696,822 | Polymorphic virus detection module | 143 | 1995 |
| 6,357,008 | Dynamic heuristic method for detecting computer viruses using decryption exploration and evaluation phases | 138 | 1997 |
| 7,228,563 | Shell code blocking system and method | 4 | 2003 |
| 7,216,367 | Safe memory scanning | 15 | 2003 |
| 6,199,181 | Method and system for maintaining restricted operating environments for application programs or operating systems | 153 | 1998 |
| 7,146,305 | Analytical virtual machine | 29 | 2001 |
| 2004/0255,163 | Preventing attacks in a data processing system | 32 | 2004 |
| 6,910,142 | System for detection and routing of platform events in a multi-cell computer | 7 | 2001 |
| 6,820,146 | Filter driver for blocking access by host to devices | 8 | 2002 |
| 6,718,414 | Function modification in a write-protected operating system | 5 | 2000 |
| 7,181,603 | Method of secure function loading | 12 | 2002 |
| 5,864,683 | System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights | 285 | 1994 |
| 6,658,571 | Security framework for dynamically wrapping software applications executing in a computing system | 54 | 1999 |
| 2002/0083,334 | Detection of viral code using emulation of operating system functions | 37 | 2001 |
| 7,085,928 | System and method for defending against malicious software | 29 | 2001 |
| 6,301,699 | Method for detecting buffer overflow for computer security | 70 | 1999 |
| 5,598,531 | Method and apparatus for preventing "disease" damage in computer systems | 20 | 1993 |
| 5,822,517 | Method for detecting infection of software programs by memory resident software viruses | 57 | 1996 |
| 5,802,178 | Stand alone device for providing security within computer networks | 69 | 1996 |
| 2003/0014,667 | Buffer overflow attack detection and suppression | 26 | 2001 |
| 6,092,136 | Multi-processor central processing unit | 10 | 1998 |
Maintenance Fees
| Fee | Large entity fee | Small entity fee | Micro entity fee | Due date |
|---|---|---|---|---|
| 7.5 Year Payment | $3,600.00 | $1,800.00 | $900.00 | Apr 14, 2016 |
| 11.5 Year Payment | $7,400.00 | $3,700.00 | $1,850.00 | Apr 14, 2020 |

| Surcharge | Large entity fee | Small entity fee | Micro entity fee |
|---|---|---|---|
| 7.5 year - Late payment within 6 months | $160.00 | $80.00 | $40.00 |
| 11.5 year - Late payment within 6 months | $160.00 | $80.00 | $40.00 |
| After expiration - Late payment is unavoidable | $700.00 | $350.00 | $175.00 |
| After expiration - Late payment is unintentional | $1,640.00 | $820.00 | $410.00 |