The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
May. 08, 2018
Filed:
Dec. 24, 2015
Intel Corporation, Santa Clara, CA (US);
Koichi Yamada, Los Gatos, CA (US);
Palanivelrajan Shanmugavelayutham, San Jose, CA (US);
Chang Seok Bae, San Jose, CA (US);
Intel Corporation, Santa Clara, CA (US);
Abstract
This disclosure is directed to a system for system for application program interface (API) monitoring bypass prevention. Operation of an API function may be preserved by generating a binary translation based on the API function native code. The native code may then be protected to prevent API monitoring bypassing. In one embodiment, access permission may be set to non-executable for a memory page in which the native code is stored. Attempts to execute the native code may generate exceptions triggering API monitoring. Alternatively, some or all of a body section of the native code may be replaced with at least one trap instruction that cause exceptions triggering API monitoring or engaging protective measures. Use of the trap instruction may be combined with at least one jump instruction added after a header section of the native code. Execution of the jump instruction may cause execution to be redirected to API monitoring.