Title:
MALWARE DETECTION IN MEMORY
Document Type and Number:
WIPO Patent Application WO/2019/113843
Kind Code:
A1
Abstract:
A system for detecting malware includes a processor to collect processor trace information corresponding to an application being executed by the processor (202). The processor can also detect an invalid indirect branch instruction from the processor trace information (204) and detect at least one malware instruction being executed by the application in response to analyzing modified memory values corresponding to the invalid indirect branch (206). Additionally, the processor can block the application from accessing or modifying memory (208).
Inventors:
BI DANYU (CN)
SULTANA SALMIN (US)
LI YUANYUAN (CN)
JIANG YONG (CN)
PESARA PRAMOD (US)
PANNEER SELVAKUMAR (US)
SAHITA RAVI (US)
SULTANA SALMIN (US)
LI YUANYUAN (CN)
JIANG YONG (CN)
PESARA PRAMOD (US)
PANNEER SELVAKUMAR (US)
SAHITA RAVI (US)
Application Number:
PCT/CN2017/115955
Publication Date:
June 20, 2019
Filing Date:
December 13, 2017
Export Citation:
Assignee:
INTEL CORP (US)
BI DANYU (CN)
SULTANA SALMIN (US)
LI YUANYUAN (CN)
JIANG YONG (CN)
PESARA PRAMOD (US)
PANNEER SELVAKUMAR (US)
SAHITA RAVI (US)
BI DANYU (CN)
SULTANA SALMIN (US)
LI YUANYUAN (CN)
JIANG YONG (CN)
PESARA PRAMOD (US)
PANNEER SELVAKUMAR (US)
SAHITA RAVI (US)
International Classes:
G06F21/56
Foreign References:
US20160283714A1 | 2016-09-29 | |||
US20060200863A1 | 2006-09-07 | |||
US20160283717A1 | 2016-09-29 | |||
US9756069B1 | 2017-09-05 |
Attorney, Agent or Firm:
CHINA PATENT AGENT (H.K.) LTD. (CN)
Download PDF:
Previous Patent: QUANTUM DOT BETAVOLTAIC BATTERY
Next Patent: METHOD FOR GENERATING RANDOM NUMBER, CHIP, AND ELECTRONIC DEVICE
Next Patent: METHOD FOR GENERATING RANDOM NUMBER, CHIP, AND ELECTRONIC DEVICE