Protecting a computer system from malicious program code

Protecting a computer system from malicious program code

A controller of a computer system is programmed with a method of protecting the system from the execution of malicious code. An index table is provided 210 which records the storage locations of the application program interfaces (API) used by the system. The method calls one of the APIs 220, and as...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: CHIEH-WEN CHEN, JU-HSUAN HE, FU-HAU HSU, WEIAO HSU
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A controller of a computer system is programmed with a method of protecting the system from the execution of malicious code. An index table is provided 210 which records the storage locations of the application program interfaces (API) used by the system. The method calls one of the APIs 220, and assesses 230 whether it meets a predetermined condition. If the condition is met, the system blocks 240 the API from executing its function. The condition may be whether the function of the API relates to a protected process or dynamic link library (DLL), or whether the API attempts to amend the registry of the operating system. The method allows detection of malicious program code before it carries out its function, and does not conflict with the operation of other processes in the system. A device which hooks APIs called by the system in order to make an assessment as to their validity is also disclosed.