METHOD OF INVOKING SYSTEM FUNCTIONS IN CONDITIONS OF USE OF AGENTS FOR PROTECTING OPERATING SYSTEM KERNEL Russian patent published in 2016 - IPC G06F9/06 

Abstract RU 2585978 C2

FIELD: information security.

SUBSTANCE: invention relates to antivirus technologies, and more specifically to a method of creating handler system calls. According to one version, method of system function call, during which following steps are performed: loading hypervisor for interception of handler system calls. Modifying structure of operating system kernel, connected to system function call, said structure operating system kernel includes at least: a) a system call; b) system call table in which address of call is replaced with at least one system function call address on other function with maintaining original address system function call; intercepting system call handler call by hypervisor; calling another function at any replacement address in system call; calling system function on stored original address.

EFFECT: technical result consists in a system function call in conditions of use of operating system kernel protection means.

1 cl, 7 dwg

Similar patents RU2585978C2

Title Year Author Number
METHOD OF CREATING A SYSTEM CALL HANDLER 2014
  • Yudin Maksim Vitalevich
  • Tarasenko Aleksandr Sergeevich
  • Levchenko Vyacheslav Ivanovich
  • Kumagin Igor Yurevich
RU2596577C2
METHOD OF ACCESSING PROCEDURES OF LOADING DRIVER 2014
  • Rusakov Vyacheslav Evgenevich
  • Kirzhemanov Andrej Leonidovich
  • Parshin Yurij Gennadevich
RU2586576C1
METHOD FOR CODE PERFORMANCE IN HYPERVISOR MODE 2015
  • Igotti Nikolaj Nikolaevich
  • Ershov Mikhail Aleksandrovich
RU2609761C1
METHOD OF PROVIDING COLLABORATIVE OPERATION OF SEVERAL HYPERVISORS IN COMPUTER SYSTEM 2014
  • Levchenko Vyacheslav Ivanovich
  • Kumagin Igor Yurevich
RU2589853C1
SYSTEM AND METHODS FOR AUDITING A VIRTUAL MACHINE 2017
  • Lukacs Sandor
  • Lutas Andrei-Vlad
  • Anichitei Ionel C.
RU2691187C1
MEMORY INTROSPECTION ENGINE FOR PROTECTING INTEGRITY OF VIRTUAL MACHINES 2014
  • Lutsas Andrej-Vlad
  • Lukaks Sandor
  • Lutsas Dan-Khorya
RU2640300C2
SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE 2016
  • Golovkin Maksim Yurevich
  • Monastyrskij Aleksej Vladimirovich
  • Pintijskij Vladislav Valerevich
  • Pavlyushchik Mikhail Aleksandrovich
  • Butuzov Vitalij Vladimirovich
  • Karasovskij Dmitrij Valerievich
RU2637997C1
SYSTEM AND METHOD OF GENERATING LOG WHEN EXECUTING FILE WITH VULNERABILITIES IN VIRTUAL MACHINE 2018
  • Monastyrskij Aleksej Vladimirovich
  • Pavlyushchik Mikhail Aleksandrovich
  • Pintijskij Vladislav Valerevich
  • Anikin Denis Vyacheslavovich
  • Kirsanov Dmitrij Aleksandrovich
RU2724790C1
SYSTEM AND METHOD FOR PERFORMING ANTI-VIRUS SCAN OF FILE ON VIRTUAL MACHINE 2016
  • Monastyrskij Aleksej Vladimirovich
  • Butuzov Vitalij Vladimirovich
  • Golovkin Maksim Yurevich
  • Karasovskij Dmitrij Valerievich
  • Pintijskij Vladislav Valerevich
  • Kobychev Denis Yurevich
RU2628921C1
SYSTEM AND METHOD OF PROTECTING COMPUTER APPLICATIONS 2011
  • Rusakov Vjacheslav Evgen'Evich
  • Shirjaev Aleksandr Vasil'Evich
RU2460133C1

RU 2 585 978 C2

Authors

Yudin Maksim Vitalevich

Tarasenko Aleksandr Sergeevich

Levchenko Vyacheslav Ivanovich

Kumagin Igor Yurevich

Dates

2016-06-10Published

2014-09-30Filed