Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
2004-03-05
2010-06-15
Smithers, Matthew B (Department: 2437)
C713S170000, C713S187000, C719S331000, C717S127000, C717S163000
active
07739516
ABSTRACT:
The import address table (IAT) of a software module is verified in order to prevent detouring attacks. A determination is made regarding which entries in the IAT must be verified; all of the entries may be verified, or some subset of the entries that are critical may be verified. For each external function, the external module containing the external function is loaded, if it is not already loaded. The function address in the exported function table is found. That address is compared to the address for the function in the IAT. Additionally, the external module, in one embodiment, is verified to ensure that it has not been modified. For a delay load IAT, a similar procedure is followed; however, the delay load IAT may be periodically checked to ensure that the delay load IAT entries are either valid (indicating that the external function has been bound) or in their initial state (indicating that no binding has yet occurred).
REFERENCES:
patent: 6253258 (2001-06-01), Cohen
patent: 6802006 (2004-10-01), Bodrov
patent: 7360097 (2008-04-01), Rothstein
patent: 2005/0108562 (2005-05-01), Khazan et al.
Marchesini et al. “Keyjacking: Risks of the Current Client-side Infrastructure”, 2nd Annual PKI Research Workshop, Apr. 21, 2003.
Hunt, G. et al., “Detours: Binary Interception of Win32 Functions”, Proceedings of the 3rd USENIX Windows NT Symposium, Jul. 1999, Seattle, WA., 1-9.
Leman, D., “Spying on COM Objects”, Jul. 1999, 10(7), http://www.windevnet.com/wdm/articles/1999/9907/, 1 page.
Pietrek, M., “Under The Hood”, http://microsoft.com/msj/0200/hood0200.aspx, Feb. 2000, 9 pages.
Brender Scott A.
Lafornara Philip J.
Marr Michael David
Oliver Robert Ian
Gelagay Shewaye
Microsoft Corporation
Smithers Matthew B
Woodcock & Washburn LLP