MALWARE DETECTION IN MEMORY

Title:

MALWARE DETECTION IN MEMORY

Document Type and Number:

WIPO Patent Application WO/2019/113843

Kind Code:

A1

Abstract:

A system for detecting malware includes a processor to collect processor trace information corresponding to an application being executed by the processor (202). The processor can also detect an invalid indirect branch instruction from the processor trace information (204) and detect at least one malware instruction being executed by the application in response to analyzing modified memory values corresponding to the invalid indirect branch (206). Additionally, the processor can block the application from accessing or modifying memory (208).

Inventors:

BI DANYU (CN)
SULTANA SALMIN (US)
LI YUANYUAN (CN)
JIANG YONG (CN)
PESARA PRAMOD (US)
PANNEER SELVAKUMAR (US)
SAHITA RAVI (US)

Application Number:

PCT/CN2017/115955

Publication Date:

June 20, 2019

Filing Date:

December 13, 2017

Export Citation:

Click for automatic bibliography generation Help

Assignee:

INTEL CORP (US)
BI DANYU (CN)
SULTANA SALMIN (US)
LI YUANYUAN (CN)
JIANG YONG (CN)
PESARA PRAMOD (US)
PANNEER SELVAKUMAR (US)
SAHITA RAVI (US)

International Classes:

G06F21/56

Foreign References:

US20160283714A1	2016-09-29
US20060200863A1	2006-09-07
US20160283717A1	2016-09-29
US9756069B1	2017-09-05

Attorney, Agent or Firm:

CHINA PATENT AGENT (H.K.) LTD. (CN)

Download PDF:

View/Download PDF PDF Help

Previous Patent: QUANTUM DOT BETAVOLTAIC BATTERY

Next Patent: METHOD FOR GENERATING RANDOM NUMBER, CHIP, AND ELECTRONIC DEVICE