-
公开(公告)号:US09602528B2
公开(公告)日:2017-03-21
申请号:US14712421
申请日:2015-05-14
Applicant: NEC Laboratories America, Inc.
Inventor: Zhiyun Qian , Jun Wang , Zhichun Li , Zhenyu Wu , Junghwan Rhee , Xia Ning , Guofei Jiang
CPC classification number: H04L63/1425 , G06F11/30 , G06F21/50 , G06F21/552 , G06F21/554 , G06N99/005 , H04L63/1441
Abstract: Methods and systems for process constraint include collecting system call information for a process. It is detected whether the process is idle based on the system call information and then whether the process is repeating using autocorrelation to determine whether the process issues system calls in a periodic fashion. The process is constrained if it is idle or repeating to limit an attack surface presented by the process.
-
公开(公告)号:US20150334128A1
公开(公告)日:2015-11-19
申请号:US14712421
申请日:2015-05-14
Applicant: NEC Laboratories America, Inc.
Inventor: Zhiyun Qian , Jun Wang , Zhichun Li , Zhenyu Wu , Junghwan Rhee , Xia Ning , Guofei Jiang
CPC classification number: H04L63/1425 , G06F11/30 , G06F21/50 , G06F21/552 , G06F21/554 , G06N99/005 , H04L63/1441
Abstract: Methods and systems for process constraint include collecting system call information for a process. It is detected whether the process is idle based on the system call information and then whether the process is repeating using autocorrelation to determine whether the process issues system calls in a periodic fashion. The process is constrained if it is idle or repeating to limit an attack surface presented by the process.
Abstract translation: 过程约束的方法和系统包括收集过程的系统调用信息。 基于系统调用信息检测进程是否空闲,然后检查进程是否使用自相关重复以确定进程是否以周期性方式发出系统调用。 如果空闲或重复限制进程所呈现的攻击面,则该进程受到约束。
-
Search Results
2
records
(took 0.024 seconds)
