	US 12,455,961 B2
	Detecting potential malware in host memory
Nir Rosen, Pardes Hana-Karkur (IL); Katya Egert-Berg, Tel Aviv (IL); Rami Ailabouni, Eilabun (IL); Ohad Peres, Tel Aviv (IL); Elad Haimovich, Kiryat Bialik (IL); Vadim Gechman, Hulda (IL); Haim Elisha, V, Ashkelon (IL); Adi Peled, Kefar Saba (IL); Chen Rozenbaum, Beer Yakov (IL); Ahmad Saleh, Nazareth (IL); and Shie Mannor, Haifa (IL)
Assigned to Mellanox Technologies, Ltd., Yokneam (IL)
Filed by Mellanox Technologies, Ltd., Yokneam (IL)
Filed on Mar. 13, 2023, as Appl. No. 18/120,807.
Claims priority of provisional application 63/406,465, filed on Sep. 14, 2022.
Prior Publication US 2024/0086527 A1, Mar. 14, 2024
Int. Cl. G06F 21/55 (2013.01); G06F 21/52 (2013.01); G06F 21/56 (2013.01)

CPC G06F 21/554 (2013.01) [G06F 21/52 (2013.01); G06F 21/566 (2013.01); G06F 2221/034 (2013.01)]

28 Claims

1. A method comprising:

obtaining, by a network interface, one or more machine code segments at least one of loaded or injected into a process;

using a data structure to identify a region of memory used by the process to store the one or more machine code segments;

obtaining, by the network interface, assembly code for the one or more machine code segments stored in the region of memory; and

determining, by the network interface, whether the assembly code is likely to perform at least one unauthorized task.