Runtime detection and mitigation of vulnerabilities in application software containers
US10922418B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 9, 2018 |
| Grant date | Feb 16, 2021 |
| Priority date | — |
| Expiry date | Aug 29, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system and method for runtime detection of vulnerabilities in an application software container that is configured to execute an application. The method includes detecting the application stored in an image of the application software container; identifying, based on at least one predetermined potential location for the application, configuration data stored in the application software container for the application; determining, based on the identified configuration data, at least one intended behavior of the application when executed in the application software container; monitoring execution of the application software container, wherein the monitoring includes comparing the execution of the application software container to the at least one intended behavior; detecting an unauthorized action by the application software container when the execution of the application software container is anomalous as compared to the at least one intended behavior; and generating a detection event when the unauthorized action by the software container is detected.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.