Date of Patent: Mar. 06, 2018

Filed: Jan. 28, 2014

Applicant: F-Secure Corporation, Helsinki, FI;

Inventor: Mikko Suominen, Helsinki, FI;

Assignee: F-Secure Corporation, Helsinki, FI;

Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
G06F 12/14 (2006.01); G06F 21/55 (2013.01); G06F 21/52 (2013.01); G06F 21/56 (2013.01);
U.S. Cl.
CPC ...
G06F 21/554 (2013.01); G06F 21/52 (2013.01); G06F 21/566 (2013.01);
Abstract

A method of detecting suspicious code that has been injected into a process. The method includes identifying suspicious executable memory areas assigned to the process and, for each thread in the process, inspecting a stack associated with the thread to identify a potential return address; determining whether or not the potential return address is located within a suspicious memory area; and, if the potential return address is located within a suspicious memory area, determining whether or not the instruction at the address preceding the potential return address is a function call and, if yes, determining that the potential return address is a true return address and identifying the thread and associated code as suspicious.
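The check described in the abstract can be illustrated on constructed data. The following is an added example, not code from the patent or from F-Secure. It assumes 64-bit little-endian stack slots, recognises only two x86-64 call encodings (`E8 rel32` and register-indirect `FF /2`), and takes the `suspicious` flag on each region as given, since the abstract does not say how a region is classified.

```python
import struct
from dataclasses import dataclass

@dataclass
class Region:
    base: int
    data: bytes
    suspicious: bool  # executable area already flagged; set by hand in this example

    def contains(self, addr):
        return self.base <= addr < self.base + len(self.data)

def preceded_by_call(region, addr):
    """True if the bytes just before addr decode as one of two call forms."""
    off = addr - region.base
    if off >= 5 and region.data[off - 5] == 0xE8:   # E8 rel32, direct near call
        return True
    if off >= 2 and region.data[off - 2] == 0xFF:   # FF /2, e.g. FF D0 = call rax
        modrm = region.data[off - 1]
        return (modrm >> 6) == 3 and ((modrm >> 3) & 7) == 2
    return False

def scan_thread_stack(stack, regions):
    """Return stack words that are true return addresses into suspicious regions."""
    hits = []
    for i in range(0, len(stack) - 7, 8):           # every aligned 8-byte slot
        (word,) = struct.unpack_from("<Q", stack, i)
        for r in regions:
            if r.suspicious and r.contains(word) and preceded_by_call(r, word):
                hits.append(word)
    return hits

def suspicious_threads(threads, regions):
    """threads maps thread id to raw stack bytes; returns {thread id: [addresses]}."""
    found = {}
    for tid, stack in threads.items():
        hits = scan_thread_stack(stack, regions)
        if hits:
            found[tid] = hits
    return found

# Constructed sample data: one ordinary module region and one flagged region.
MODULE = Region(0x400000, b"\x90" * 16 + b"\xE8\x00\x00\x00\x00" + b"\x90" * 11, False)
INJECTED = Region(0x7F0000, b"\x90" * 8 + b"\xE8\x10\x00\x00\x00\x90\x90\xFF\xD0" + b"\x90" * 15, True)
THREADS = {
    1: struct.pack("<3Q", 0x400015, 0x1234, 0x7F000D),  # returns into flagged code after E8
    2: struct.pack("<2Q", 0x400015, 0x7F0003),          # stray pointer, no call before it
    3: struct.pack("<2Q", 0x7F0011, 0x7F0014),          # first word follows FF D0
}
```

Thread 2 holds a value that points into the flagged region but is not preceded by a call, so it is treated as data rather than a return address and the thread is not reported.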

