Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2007-10-09
2007-10-09
Moazzami, Nasser (Department: 2136)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C726S022000, C726S023000, C726S024000, C713S165000, C713S167000, C713S188000
Reexamination Certificate
active
10671152
ABSTRACT:
A method includes determining whether the exception handling frames on the stack are uncorrupt prior to execution of an exception handler dispatcher. Upon a determination that the exception handling frames on the stack are uncorrupt, the method further includes allowing the execution of the exception handler dispatcher to proceed. Conversely, upon a determination that the exception handling frames on the stack are corrupt, protective action is taken to prevent the malicious code on the host computer system from exploiting and/or damaging the host computer system.
REFERENCES:
patent: 5822517 (1998-10-01), Dotan
patent: 6301699 (2001-10-01), Hollander et al.
patent: 6412071 (2002-06-01), Hollander et al.
Xenitellis, S., ‘Security Vulnerabilities in Event-Driven Systems’, ISG, Royal Holloway Univ. of London, 2002, entire document, http://www.isg.rhul.ac.uk/˜simos/pub/OLD/SecurityVulnerabilitiesInEvent-drivenSystems.pdf.
Choi, Y., et al, ‘A New Stack Buffer Overflow Hacking Defense Technique with Memory Address Confirmation’, ICISC 2001: 4th International Conference Seoul, Korea, Dec. 6-7, 2001. Proceedings, pp. 146-159, http://www.springerlink.com/content/x8tn836pk6wy8kw/fulltext.pdf.
Cheriton, D., et al, ‘A Caching Model of Operating System Kernel Functionality’, CS Dept., Stanford Univ., 1994, entire document, http://delivery.acm.org/10.1145/1270000/1267652/p14-cheriton.pdf?key1=1267652&key2=6653845811&coll=&dl=&CFID=15151515&CFTOKEN=6184618.
Chien, E. and Szor, P., “Blended Attacks Exploits, Vulnerabilities and Buffer-Overflow Techniques In Computer Viruses”, Virus Bulletin Conference, Sep. 2002, Virus Bulletin Ltd., The Pentagon, Abingdon, Oxfordshire, England, pp. 1-36.
Dabak, P., Borate, M. and Phadke, S.,“Hooking Windows NT System Services”, pp. 1-8 [online]. Retrieved on Apr. 16, 2003. Retrieved from the Internet: <URL:http://www.windowsitlibrary.com/Content/356/06/2.html>.
“How Entercept Protects: System Call Interception”, pp. 1-2 [online]. Retrieved on Apr. 16, 2003. Retrieved from the Internet: <URL:http://www.entercept.com/products/technology/kernelmode.asp>. No author provided.
“How Entercept Protects: System Call Interception”, p. 1 [online]. Retrieved on Apr. 16, 2003. Retrieved from the Internet : <URL:http://www.entercept.com/products/technology/interception.asp>. No author provided.
McCorkendale, B. and Szor, P., “Code Red Buffer Overflow”, Virus Bulletin, Sep. 2001, Virus Bulletin Ltd., The Pentagon, Abingdon, Oxfordshire, England, pp. 4-5.
Pietrek, M., “Under the Hood, new Vectored Exception Handling in Windows XP”, pp. 1-7 [online]. Retrieved on Aug. 6, 2003. Retrieved from the Internet : <URL:http://msdn.microsoft.com/msdnmag/issues/01/09/hood/default.aspx>.
Pietrek, M., “A Crash Course on the Depths of Win32tm Structured Exception Handling”, Jan. 1997, 24 pages. Retrieved from the Internet: <URL:http://WWW.Microsoft.com/msj/0197/exception/exception.aspx> on Aug. 6, 2003.
Baum Ronald
Gunnison McKay & Hodgson, L.L.P.
Hodgson Serge J.
Moazzami Nasser
Symantec Corporation
LandOfFree
Exception handling validation system and method does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Exception handling validation system and method, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Exception handling validation system and method will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3903477