US Patent 10210329 Method to detect application execution hijacking using memory protection

Patent 10210329 was granted and assigned to FireEye on February, 2019 by the United States Patent and Trademark Office.

OverviewStructured DataIssuesContributors
Patent abstract

According to one embodiment, a system comprising a dynamic analysis server comprising one or more virtual machines is disclosed, wherein the one or more virtual machines may be configured to execute certain event logic with respect to a loaded module. The virtual machines may be communicatively coupled to a virtual machine manager and a database; and rule-matching logic comprising detection logic, wherein the detection logic is configured to determine (1) whether an access source is attempting to access a protected region such as a page guarded area; and (2) determine whether the access source is from the heap. The system further comprises reporting logic that is configured to generate an alert so as to notify a user and/or network administrator of a probable application-execution hijacking attack.

Timeline

No Timeline data yet.

Further Resources

Title
Author
Link
Type
Date
No Further Resources data yet.

References

Find more entities like US Patent 10210329 Method to detect application execution hijacking using memory protection

Use the Golden Query Tool to find similar entities by any field in the Knowledge Graph, including industry, location, and more.
Open Query Tool
Access by API
Golden Query Tool
Golden logo
By using this site, you agree to our Terms of Service.