The abstract of the patent published by the U.S. Patent and Trademark Office states: "Provided are methods and computer program products for monitoring system calls in an operating system using safely removable system function table chaining. Methods may include loading a collector application driver providing one or more dispatch functions corresponding to one or more system functions, each dispatch function operable to call a pre-hook function prior to calling a system function, to call the system function, and to call a post-hook function following the call to the system function. A metadata block in pinned kernel memory contains, for each system function, access descriptors to the system function and the pre- and/or post-hook functions for the system function. The dispatch functions are copied into the pinned kernel memory, and the operating system's access descriptors for the system functions are altered to instead point to the corresponding dispatch functions."
The patent application was filed on
Written by Satyaban Rath; edited by
Most Popular Stories
- NSA Defends Global Cellphone Tracking Legality
- Apple Wants Samsung to Pay $22M for Patent Dispute Legal Bills
- Shanghai Smog Forces Factory Shutdowns
- Apple Paid Its Lawyers More Than $60MM to Defeat Samsung in Court
- Economic Bright Spots Not a Sure Boost for President Obama
- Starbucks Gets Grinchy; No Gingerbread Lattes for Tampa Customers
- US Consumer Borrowing Rose $18.2B in Oct.
- 2014 World Cup Official Noisemakers Quieter than Vuvuzelas
- Networks Vie for U.S. Hispanic TV Viewers
- Ad Counts Rise in 2013 for Hispanic Magazines