发明名称 |
Systems and methods for detecting a process to establish a backdoor connection with a computing device |
摘要 |
A computer-implemented method for detecting a process to establish a backdoor connection with the computer is described. An application programming interface (API) is hooked. Calls to the hooked API are monitored. A call directed to the hooked API is intercepted. The call instructs the API to initiate a user interface. Structures included in the intercepted call are analyzed. The intercepted call is prevented from arriving at the hooked API if the structures are directed to a socket on the computer. |
申请公布号 |
US8683576(B1) |
申请公布日期 |
2014.03.25 |
申请号 |
US20090571121 |
申请日期 |
2009.09.30 |
申请人 |
YUN JAMES;SYMANTEC CORPORATION |
发明人 |
YUN JAMES |
分类号 |
G06F7/04;G06F12/00;G06F12/14;G06F13/00;G06F17/30;G11C7/00 |
主分类号 |
G06F7/04 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|