Patent · US Active

Command injection identification

US11403391B2 · kind B2 · utility

0Cited by

1References

17Claims

0Family size

Assignee

JFrog Ltd. · IL

Inventors

Asaf Karas · Givatayim, IL
Or Peles · Tel Aviv-Yafo, IL
Meir Tsvi · Nes Ziona, IL
Anton Nayshtut · Netanya, IL

Key dates

Filing date	Nov 18, 2019
Grant date	Aug 2, 2022
Priority date	—
Expiry date	Dec 9, 2040

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.