System and method for identifying and mitigating cyberattacks through malicious position-independent code execution
US11886585B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 27, 2019 |
| Grant date | Jan 30, 2024 |
| Priority date | — |
| Expiry date | Mar 10, 2041 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F21/57
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A computing system including a processor and a memory, which includes a first memory region operating as a kernel space and a second memory region operating as a user space. Maintained within the kernel space, a first logic unit receives a notification identifying a newly created thread and extracts at least meta-information associated with the newly created thread. Maintained within the user space, a second logic unit receives at least the meta-information associated with the newly created thread and conducts analytics on at least the meta-information to attempt to classify the newly created thread. An alert is generated by the second logic unit upon classifying the newly created thread as a cyberattack associated with a malicious position independent code execution based at least on results of the analytics associated with the meta-information associated with the newly created thread.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.