Null-byte injection detection
US10044752B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 30, 2015 |
| Grant date | Aug 7, 2018 |
| Priority date | — |
| Expiry date | Jun 25, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1408
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A single system for detecting and blocking all cases of null-byte injection in all text data received for a network, before the text reaches potentially vulnerable services in the network. A set of directed graphs is received, each one of the directed graphs corresponding to a singly encoded null-byte that is encoded according to a corresponding character encoding method contained within a set of character encoding methods. The set of directed graphs is used to generate an output finite-state machine that models detection of at least one multiply encoded null-byte that is encoded according to at least one of the character encoding methods contained in the set of character encoding methods. The output finite-state machine is loaded into an attack detection and prevention system that receives input text, and that detects null-bytes, including multiply encoded null-bytes, within the input text.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.