-
Publication (Announcement) No.: US10402564B2
Publication (Announcement) Date: 2019-09-03
Application No.: US15623589
Application Date: 2017-06-15
Applicant: NEC Laboratories America, Inc.
Inventor: Junghwan Rhee, Yuseok Jeon, Zhichun Li, Kangkook Jee, Zhenyu Wu, Guofei Jiang
Abstract: A computer-implemented method for analyzing operations of privilege changes is presented. The computer-implemented method includes inputting a program and performing source code analysis on the program by generating a privilege control flow graph (PCFG), generating a privilege data flow graph (PDFG), and generating a privilege call context graph (PCCG). The computer-implemented method further includes, based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations, and performing runtime inspection and anomaly prevention.
-
Publication (Announcement) No.: US20180054445A1
Publication (Announcement) Date: 2018-02-22
Application No.: US15623538
Application Date: 2017-06-15
Applicant: NEC Laboratories America, Inc.
Inventor: Junghwan Rhee, Yuseok Jeon, Zhichun Li, Kangkook Jee, Zhenyu Wu, Guofei Jiang
IPC: H04L29/06
CPC classification number: H04L63/1425, G06F21/55, G06F21/606, G06F2221/2141, G06F2221/2145, H04L63/1433
Abstract: A computer-implemented method for performing privilege flow analysis is presented. The computer-implemented method includes monitoring at least one program operating system (OS) event handled by a program, generating a privilege flow graph, determining an inferred program behavior context, and generating, based on a combination of the privilege flow graph and the inferred program behavior context, an inferred behavior context-aware privilege flow graph to distinguish different roles of processes and/or threads within the program.
-
Publication (Announcement) No.: US20180052998A1
Publication (Announcement) Date: 2018-02-22
Application No.: US15623589
Application Date: 2017-06-15
Applicant: NEC Laboratories America, Inc.
Inventor: Junghwan Rhee, Yuseok Jeon, Zhichun Li, Kangkook Jee, Zhenyu Wu, Guofei Jiang
CPC classification number: G06F21/566, G06F21/54, G06F21/563, G06F21/577, G06F21/6218, G06F2221/034, G06F2221/2141
Abstract: A computer-implemented method for analyzing operations of privilege changes is presented. The computer-implemented method includes inputting a program and performing source code analysis on the program by generating a privilege control flow graph (PCFG), generating a privilege data flow graph (PDFG), and generating a privilege call context graph (PCCG). The computer-implemented method further includes, based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations, and performing runtime inspection and anomaly prevention.
-
Publication (Announcement) No.: US20180052995A1
Publication (Announcement) Date: 2018-02-22
Application No.: US15652796
Application Date: 2017-07-18
Applicant: NEC Laboratories America, Inc.
Inventor: Zhenyu Wu, Jungwhan Rhee, Yuseok Jeon, Zhichun Li, Kangkook Jee, Guofei Jiang
Abstract: Methods and systems for security analysis include determining whether a process has an origin internal to a system or external to the system using a processor based on monitored behavior events associated with the process. A security analysis is performed on only processes that have an external origin to determine if any of the processes having an external origin represent a security threat. A security action is performed if a process having an external origin is determined to represent a security threat.
-
Publication (Announcement) No.: US10572661B2
Publication (Announcement) Date: 2020-02-25
Application No.: US15652796
Application Date: 2017-07-18
Applicant: NEC Laboratories America, Inc.
Inventor: Zhenyu Wu, Jungwhan Rhee, Yuseok Jeon, Zhichun Li, Kangkook Jee, Guofei Jiang
Abstract: Methods and systems for security analysis include determining whether a process has an origin internal to a system or external to the system using a processor based on monitored behavior events associated with the process. A security analysis is performed on only processes that have an external origin to determine if any of the processes having an external origin represent a security threat. A security action is performed if a process having an external origin is determined to represent a security threat.