KR20080103976A - 실행가능 코드 수정 방지 방법, 컴퓨터 판독가능 매체, 실행가능 코드 수정 방지 시스템, 및 데이터 페이지 수정 방지 방법 - Google Patents

실행가능 코드 수정 방지 방법, 컴퓨터 판독가능 매체, 실행가능 코드 수정 방지 시스템, 및 데이터 페이지 수정 방지 방법 Download PDF

Info

Publication number
KR20080103976A
KR20080103976A KR1020087021029A KR20087021029A KR20080103976A KR 20080103976 A KR20080103976 A KR 20080103976A KR 1020087021029 A KR1020087021029 A KR 1020087021029A KR 20087021029 A KR20087021029 A KR 20087021029A KR 20080103976 A KR20080103976 A KR 20080103976A
Authority
KR
South Korea
Prior art keywords
executable code
executable
page
computer
computer readable
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
KR1020087021029A
Other languages
English (en)
Korean (ko)
Inventor
스코트 에이. 필드
Original Assignee
마이크로소프트 코포레이션
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 마이크로소프트 코포레이션 filed Critical 마이크로소프트 코포레이션
Publication of KR20080103976A publication Critical patent/KR20080103976A/ko
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/448Execution paradigms, e.g. implementations of programming paradigms

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
KR1020087021029A 2006-03-01 2007-02-28 실행가능 코드 수정 방지 방법, 컴퓨터 판독가능 매체, 실행가능 코드 수정 방지 시스템, 및 데이터 페이지 수정 방지 방법 Withdrawn KR20080103976A (ko)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/365,364 2006-03-01
US11/365,364 US20070234330A1 (en) 2006-03-01 2006-03-01 Prevention of executable code modification

Publications (1)

Publication Number Publication Date
KR20080103976A true KR20080103976A (ko) 2008-11-28

Family

ID=38475416

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020087021029A Withdrawn KR20080103976A (ko) 2006-03-01 2007-02-28 실행가능 코드 수정 방지 방법, 컴퓨터 판독가능 매체, 실행가능 코드 수정 방지 시스템, 및 데이터 페이지 수정 방지 방법

Country Status (7)

Country Link
US (1) US20070234330A1 (enExample)
EP (1) EP1989627A4 (enExample)
JP (1) JP4890569B2 (enExample)
KR (1) KR20080103976A (enExample)
CN (1) CN101395587B (enExample)
TW (1) TW200809573A (enExample)
WO (1) WO2007103192A2 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20210047286A (ko) * 2020-08-31 2021-04-29 베이징 바이두 넷컴 사이언스 앤 테크놀로지 코., 엘티디. 칩을 검증하는 방법, 장치, 전자 기기, 저장 매체 및 프로그램

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070294426A1 (en) 2006-06-19 2007-12-20 Liquid Computing Corporation Methods, systems and protocols for application to application communications
US8856938B2 (en) * 2008-07-30 2014-10-07 Oracle America, Inc. Unvalidated privilege cap
KR101895453B1 (ko) * 2011-11-09 2018-10-25 삼성전자주식회사 이기종 컴퓨팅 환경에서 보안 강화 방법 및 장치
CN103268440B (zh) * 2013-05-17 2016-01-06 广东电网公司电力科学研究院 可信内核动态完整性度量方法
US20140366045A1 (en) * 2013-06-07 2014-12-11 Microsoft Corporation Dynamic management of composable api sets
CN104462956B (zh) * 2013-09-23 2017-07-25 安一恒通(北京)科技有限公司 一种获得操作系统控制权的方法和装置
US20180012024A1 (en) * 2015-01-30 2018-01-11 Hewlett-Packard Development Company, L.P. Processor state determination
US10803165B2 (en) * 2015-06-27 2020-10-13 Mcafee, Llc Detection of shellcode

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3916385A (en) * 1973-12-12 1975-10-28 Honeywell Inf Systems Ring checking hardware
US4809160A (en) * 1985-10-28 1989-02-28 Hewlett-Packard Company Privilege level checking instruction for implementing a secure hierarchical computer system
US5483649A (en) * 1994-07-01 1996-01-09 Ybm Technologies, Inc. Personal computer security system
US6775779B1 (en) * 1999-04-06 2004-08-10 Microsoft Corporation Hierarchical trusted code for content protection in computers
US6529985B1 (en) * 2000-02-04 2003-03-04 Ensim Corporation Selective interception of system calls
US6748592B1 (en) * 2000-02-14 2004-06-08 Xoucin, Inc. Method and apparatus for protectively operating a data/information processing device
US20040034794A1 (en) * 2000-05-28 2004-02-19 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US6986052B1 (en) * 2000-06-30 2006-01-10 Intel Corporation Method and apparatus for secure execution using a secure memory partition
US7350204B2 (en) * 2000-07-24 2008-03-25 Microsoft Corporation Policies for secure software execution
US6854046B1 (en) * 2001-08-03 2005-02-08 Tensilica, Inc. Configurable memory management unit
KR100538659B1 (ko) * 2001-08-13 2005-12-26 콸콤 인코포레이티드 컴퓨터 장치의 저장 영역에 대한 애플리케이션 레벨 액세스 특권을 부여하는 방법 및 장치
US6745307B2 (en) * 2001-10-31 2004-06-01 Hewlett-Packard Development Company, L.P. Method and system for privilege-level-access to memory within a computer
US7308576B2 (en) * 2001-12-31 2007-12-11 Intel Corporation Authenticated code module
WO2003090052A2 (en) * 2002-04-18 2003-10-30 Advanced Micro Devices Inc. A computer system including a secure execution mode - capable cpu and a security services processor connected via a secure communication path
US7073042B2 (en) * 2002-12-12 2006-07-04 Intel Corporation Reclaiming existing fields in address translation data structures to extend control over memory accesses
US7594111B2 (en) * 2002-12-19 2009-09-22 Massachusetts Institute Of Technology Secure execution of a computer program
TWI229817B (en) * 2003-01-07 2005-03-21 Wistron Corp Kernel-mode operating system of application program and method thereof
US20050108516A1 (en) * 2003-04-17 2005-05-19 Robert Balzer By-pass and tampering protection for application wrappers
US7480655B2 (en) * 2004-01-09 2009-01-20 Webroor Software, Inc. System and method for protecting files on a computer from access by unauthorized applications
US7437759B1 (en) * 2004-02-17 2008-10-14 Symantec Corporation Kernel mode overflow attack prevention system and method
US20060036830A1 (en) * 2004-07-31 2006-02-16 Dinechin Christophe De Method for monitoring access to virtual memory pages
US20060047959A1 (en) * 2004-08-25 2006-03-02 Microsoft Corporation System and method for secure computing
KR100704721B1 (ko) * 2004-09-10 2007-04-06 (주) 세이프아이 실시간 감시를 통한 컴퓨터 보호 방법 및 이에 따라 보호되는 컴퓨터 보호 시스템과 실행가능한 파일이 보호되는 시스템
US7673345B2 (en) * 2005-03-31 2010-03-02 Intel Corporation Providing extended memory protection
US7607173B1 (en) * 2005-10-31 2009-10-20 Symantec Corporation Method and apparatus for preventing rootkit installation

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20210047286A (ko) * 2020-08-31 2021-04-29 베이징 바이두 넷컴 사이언스 앤 테크놀로지 코., 엘티디. 칩을 검증하는 방법, 장치, 전자 기기, 저장 매체 및 프로그램

Also Published As

Publication number Publication date
JP4890569B2 (ja) 2012-03-07
US20070234330A1 (en) 2007-10-04
WO2007103192A3 (en) 2007-11-01
TW200809573A (en) 2008-02-16
EP1989627A2 (en) 2008-11-12
CN101395587A (zh) 2009-03-25
JP2009528632A (ja) 2009-08-06
CN101395587B (zh) 2011-09-07
EP1989627A4 (en) 2009-11-04
WO2007103192A2 (en) 2007-09-13

Similar Documents

Publication Publication Date Title
US10691792B2 (en) System and method for process hollowing detection
US7836504B2 (en) On-access scan of memory for malware
US8850428B2 (en) User transparent virtualization method for protecting computer programs and data from hostile code
CN107949846B (zh) 恶意线程挂起的检测
JP4890569B2 (ja) 実行可能コード変更の防止
Litty et al. Manitou: a layer-below approach to fighting malware
US9678687B2 (en) User mode heap swapping
CN110348252A (zh) 基于信任区的操作系统和方法
US7665139B1 (en) Method and apparatus to detect and prevent malicious changes to tokens
US8615801B2 (en) Software authorization utilizing software reputation
CN1656432A (zh) 用于复位平台配置寄存器的系统和方法
US10929537B2 (en) Systems and methods of protecting data from malware processes
US9870466B2 (en) Hardware-enforced code paths
Schmid et al. Protecting data from malicious software
US7644271B1 (en) Enforcement of security policies for kernel module loading
US7607173B1 (en) Method and apparatus for preventing rootkit installation
KR20070118074A (ko) 외래 코드 검출을 위한 시스템 및 방법
Schmidt et al. Malware detection and kernel rootkit prevention in cloud computing environments
Zhang et al. SecureBus: towards application-transparent trusted computing with mandatory access control
CN1773412A (zh) 数据完整性保护方法
KR20060050768A (ko) 액세스 인가 api
US7979865B2 (en) Identifying separate threads executing within a single process
Dai et al. Roppdroid: Robust permission re-delegation prevention in android inter-component communication
JP4853671B2 (ja) アクセス権限判定システム、アクセス権限判定方法及びアクセス権限判定プログラム
RU2609761C1 (ru) Способ выполнения кода в режиме гипервизора

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20080827

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
PC1203 Withdrawal of no request for examination
WITN Application deemed withdrawn, e.g. because no request for examination was filed or no examination fee was paid