The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
May. 31, 2022
Filed:
Sep. 16, 2019
Mcafee, Llc, Santa Clara, CA (US);
Palanivelrajan Rajan Shanmugavelayutham, San Jose, CA (US);
Koichi Yamada, Los Gatos, CA (US);
Vadim Sukhomlinov, Santa Clara, CA (US);
Igor Muttik, Aylesbury, GB;
Oleksandr Bazhaniuk, Hillsboro, OR (US);
Yuriy Bulygin, Beaverton, OR (US);
Dmitri Dima Rubakha, Santa Clara, CA (US);
Jennifer Eligius Mankin, Santa Clara, CA (US);
Carl D. Woodward, Santa Clara, CA (US);
Sevin F. Varoglu, Santa Clara, CA (US);
Dima Mirkin, Mevaseret Tzion, IL;
Alex Nayshtut, Gan Yavne, IL;
MCAFEE, LLC, San Jose, CA (US);
Abstract
A combination of hardware monitoring and binary translation software allow detection of return-oriented programming (ROP) exploits with low overhead and low false positive rates. Embodiments may use various forms of hardware to detect ROP exploits and indicate the presence of an anomaly to a device driver, which may collect data and pass the indication of the anomaly to the binary translation software to instrument the application code and determine whether an ROP exploit has been detected. Upon detection of the ROP exploit, the binary translation software may indicate the ROP exploit to an anti-malware software, which may take further remedial action as desired.