System and method for sampling forensic data of unauthorized activities using executability states
US8789189B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 17, 2011 |
| Grant date | Jul 22, 2014 |
| Priority date | — |
| Expiry date | Aug 30, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2201/815
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method includes receiving a list of target addresses, locating a first page table entry corresponding to the first page, and determining the first executability state. When the first executability state is non-executable, a first set of one or more target addresses that correspond to the first page, and a second set of one or more target addresses that correspond to one or more pages other than the first page are identified. One or more target addresses are stored in breakpoint registers of the computer system. The first executability state of the first page table entry is set as executable, and the executability states of page table entries that correspond to the second set of target addresses are set as non-executable. When the first address matches one of the target addresses stored in the breakpoint registers, forensic data is recorded.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.