MALICIOUS CODE DETECTION

In a system where an indirect control flow instruction requires a CPU to consult a first memory address, in addition to what is encoded in the instruction itself, for program execution, a method is provided to determine if the first memory address contains a valid or plausible value. The first memor...

Full description

Saved in:
Bibliographic Details
Main Author PIKE GEOFFREY
Format Patent
LanguageEnglish
Published 05.02.2009
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:In a system where an indirect control flow instruction requires a CPU to consult a first memory address, in addition to what is encoded in the instruction itself, for program execution, a method is provided to determine if the first memory address contains a valid or plausible value. The first memory address is compared to an expected or predicted memory address. A difference between the expected or predicted memory address and the first memory address causes an evaluation of any program code about to be executed. The evaluation of code determines whether or not a malicious attack is occurring, or being attempted, that might affect proper operation of the system or program.
Bibliography:Application Number: US20080124926