Detection of hidden objects in a computer system

System and method for detecting a security compromise of a service module of an operating system running on a computer. At least one native service module returns a first set of requested information relating to at least one object in the computer system in response to a request made by at least one...

Full description

Saved in:
Bibliographic Details
Main Author RUSAKOV VYACHESLAV E
Format Patent
LanguageEnglish
Published 18.03.2014
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:System and method for detecting a security compromise of a service module of an operating system running on a computer. At least one native service module returns a first set of requested information relating to at least one object in the computer system in response to a request made by at least one process or thread. A secondary service module generates and returns a second set of requested information relating to the at least one object in the computer system in response to a request made by at least one authorized process or thread, bypassing the at least one native service module. Access of threads is limited to the secondary service module such that only predetermined threads generated by a trusted security application are permitted to access the secondary service module.
Bibliography:Application Number: US20100955279