Patents Assigned to MORPHISEC INFORMATION SECURITY 2014 LTD.
  • Patent number: 11171987
    Abstract: Various automated techniques are described herein for protecting computing devices from malicious code injection and execution by providing a malicious process with incorrect information regarding the type and/or version and/or other characteristics of the operating system and/or the targeted program and/or the targeted computing device. The falsified information tricks the malicious process into injecting shellcode that is incompatible with the targeted operating system, program and/or computing device. When the incompatible, injected shellcode attempts to execute, it fails as a result of the incompatibility, thereby protecting the computing device.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: November 9, 2021
    Assignee: Morphisec Information Security 2014 Ltd.
    Inventors: Mordechai Guri, Ronen Yehoshua, Michael Gorelik
  • Patent number: 10528735
    Abstract: Various approaches are described herein for, among other things, detecting and/or neutralizing attacks by malicious code. For example, instance(s) of a protected process are modified upon loading by injecting a runtime protector that creates a copy of each of the process' imported libraries and maps the copy into a random address inside the process' address space to form a “randomized” shadow library. The libraries loaded at the original address are modified into a stub library. Shadow and stub libraries are also created for libraries that are loaded after the process creation is finalized. Consequently, when malicious code attempts to retrieve the address of a given procedure, it receives the address of the stub procedure, thereby neutralizing the malicious code. When the original program's code (e.g., the non-malicious code) attempts to retrieve the address of a procedure, it receives the correct address of the requested procedure (located in the shadow library).
    Type: Grant
    Filed: May 8, 2015
    Date of Patent: January 7, 2020
    Assignee: Morphisec Information Security 2014 Ltd.
    Inventors: Michael Gorelik, Mordechai Guri, David Mimran, Gabriel Kedma, Ronen Yehoshua
  • Patent number: 10515215
    Abstract: The invention relates to a method for providing a computerized system which is protected from unauthorized programs coming from an external source, the method comprises the steps of (a) secretly, and in a manner unknown to authors of external programs, providing a non-standard compiler which mutates (modifies) each high level program to one or more non-standard mutated machine code instructions that a standard CPU cannot properly execute! (b) subjecting all authorized programs to said non-standard compiler; and (c) providing a translator which converts each mutated machine code instruction resulting from said non-standard compiler to a respective standard instruction which the CPU can properly execute, whereas any program which is not subjected to both said non-standard compiler and said translator will result in one or more instructions that the CPU cannot properly execute.
    Type: Grant
    Filed: March 28, 2016
    Date of Patent: December 24, 2019
    Assignee: MORPHISEC INFORMATION SECURITY 2014 LTD.
    Inventors: Mordechai Guri, Yuval Elovici, Gabi Kedma
  • Publication number: 20180137280
    Abstract: The invention relates to a method for providing a computerized system which is protected from unauthorized programs coming from an external source, the method comprises the steps of (a) secretly, and in a manner unknown to authors of external programs, providing a non-standard compiler which mutates (modifies) each high level program to one or more non-standard mutated machine code instructions that a standard CPU cannot properly execute! (b) subjecting all authorized programs to said non-standard compiler; and (c) providing a translator which converts each mutated machine code instruction resulting from said non-standard compiler to a respective standard instruction which the CPU can properly execute, whereas any program which is not subjected to both said non-standard compiler and said translator will result in one or more instructions that the CPU cannot properly execute.
    Type: Application
    Filed: March 28, 2016
    Publication date: May 17, 2018
    Applicant: MORPHISEC INFORMATION SECURITY 2014 LTD.
    Inventors: Mordechai Guri, Yuval Elovici, Gabi Kedma
  • Patent number: 9703954
    Abstract: The invention relates to a method for providing a computerized system which is protected from malicious programs coming from an external source, the method comprises the steps of (a) secretly, and in a manner unknown to authors of external programs, modifying one or more essential elements at the protected system in a manner which causes all running programs to fail, unless they are subjected to a compatible modification which enables them to run properly; and (b) modifying each program at the computerized system which is known to be benign in order to comply with said modification of one or more essential elements, thereby to enable it to be executed properly.
    Type: Grant
    Filed: January 15, 2014
    Date of Patent: July 11, 2017
    Assignee: MORPHISEC INFORMATION SECURITY 2014 LTD.
    Inventors: Mordehai Guri, Yuval Elovici, Gabi Kedma