ANTI-DEBUG SYSTEM
    1.
    Invention application

    Publication No.: US20210056008A1

    Publication date: 2021-02-25

    Application No.: US16550056

    Filing date: 2019-08-23

    Inventor: Daniel S. Rose

    Abstract: A computer system includes an operating system, a memory coupled to the operating system, and a processor (e.g., an anti-debug processor) coupled to the operating system. The operating system receives, from a debug process, a request to create an essential debug object for attachment to a target process. The anti-debug processor scans a kernel memory of the operating system for the essential debug object and verifies a presence of the essential debug object in the kernel memory, and scans the kernel memory to identify a process that has stored in the kernel memory the essential debug object. The anti-debug processor then halts the debug process, without using an internal interface or function of the operating system, thereby preventing the debug process from attaching to the target process.

    Hacker-resistant anti-debug system

    Publication No.: US11409635B2

    Publication date: 2022-08-09

    Application No.: US16550056

    Filing date: 2019-08-23

    Inventor: Daniel S. Rose

    Abstract: A computer system includes an operating system, a memory coupled to the operating system, and a processor (e.g., an anti-debug processor) coupled to the operating system. The operating system receives, from a debug process, a request to create an essential debug object for attachment to a target process. The anti-debug processor scans a kernel memory of the operating system for the essential debug object and verifies a presence of the essential debug object in the kernel memory, and scans the kernel memory to identify a process that has stored in the kernel memory the essential debug object. The anti-debug processor then halts the debug process, without using an internal interface or function of the operating system, thereby preventing the debug process from attaching to the target process.

    DYNAMIC INTELLIGENT CYBER PLAYBOOKS
    3.
    Invention publication

    Publication No.: US20240340306A1

    Publication date: 2024-10-10

    Application No.: US18627922

    Filing date: 2024-04-05

    CPC classification number: H04L63/1441 H04L63/1416

    Abstract: A method involving: detecting an event; identifying one or more security tools that are currently part of an inventory of security tools; generating a playbook based on the inventory, the playbook being generated responsive to the event, the playbook being a script that includes one or more commands, each of the commands corresponding to a respective security tool in the inventory of security tools; and executing the playbook.

    DETECTION OF MALICIOUS OPERATING SYSTEM BOOTING AND OPERATING SYSTEM LOADING

    Publication No.: US20220058271A1

    Publication date: 2022-02-24

    Application No.: US16996529

    Filing date: 2020-08-18

    Inventor: Daniel S. Rose

    Abstract: A system detects deviation from a computer operating system boot and operating system load. The system identifies approved operating system boot modules, approved operating system load modules, essential operating system boot components, and essential operating system configuration information, which are then hashed to create an operating system boot profile. The operating system boot modules and the operating system load modules are then executed to start the operating system. The operating system boot profile is used to verify that there has not been any deviation from the start of the operating system.

    Detection of malicious operating system booting and operating system loading

    Publication No.: US11423153B2

    Publication date: 2022-08-23

    Application No.: US16996529

    Filing date: 2020-08-18

    Inventor: Daniel S. Rose

    Abstract: A system detects deviation from a computer operating system boot and operating system load. The system identifies approved operating system boot modules, approved operating system load modules, essential operating system boot components, and essential operating system configuration information, which are then hashed to create an operating system boot profile. The operating system boot modules and the operating system load modules are then executed to start the operating system. The operating system boot profile is used to verify that there has not been any deviation from the start of the operating system.
