As new technologies continue to emerge, the reliance on these technologies to perform a variety of transactions continues to grow. A user may rely on one or more devices (e.g., smart phone, tablet computer, laptop computer, desktop computer, etc.) to perform various tasks such as, for example, communicating (e.g., email, messaging, social media, videoconferencing, etc.), account accessing, financial transactions, commercial transactions, positioning (e.g., navigation, location determination, etc.), etc. The data required to perform these various task may include, for example, personal identification (ID) information, home or professional address information, account ID information, account passwords, contact information, personal images and/or videos, etc. The availability of this type of data in a centralized location may be attractive to those who may have malicious and/or unlawful intent. Thus, a hacker may attack a device directly and/or may generate malicious software (e.g., malware) to surreptitiously attack the device to get access to personal and/or confidential data in the device, or even to take remote control over the device.
To combat the threat, equipment and software developers continue to try to develop more impregnable protective measures. However, hackers have proved to be adept at circumventing defenses soon after they are released. For example, an application program interface (API) may include a set of standard program characteristics (e.g., routines, protocols, tools, etc.) that other applications may use when interacting with the program. While this standardization may make is easier to design programs that work together, hackers have also figured out that a device may be made to operate in an unexpected manner by altering API calls to change how programs are called, which programs are called, etc. As a result, security solution providers have built checks into software that may redirect API calls to an inspection engine to determine if the calls are legitimate (e.g., to cause intended program execution). Calls that are determined to be legitimate may be allowed to proceed, and calls that are questionable may cause the device to engage protective measures to avoid being compromised. However, even as this protection is incorporated into new devices, hackers are developing new ways to bypass these API inspection redirects to avoid detection.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications and variations thereof will be apparent to those skilled in the art.