首页> 外国专利> DEDUCING ATTACKER - VICTIM RELATIONSHIP BETWEEN PROCESSES

DEDUCING ATTACKER - VICTIM RELATIONSHIP BETWEEN PROCESSES

机译：减少攻击者-过程之间的受害者关系

页面导航

摘要
著录项
相似文献

摘要

According to an aspect of the present disclosure, a kernel space and a user space for execution of instructions is provided in a computer system. A process executes in the user space and multiple modules execute in the kernel space, with the modules also generating events. It is then determined whether the generated events includes a set of events matching a pre-specified pattern representing a malicious process. If such as set of events is determined to be present, the process is notified as a malicious process. The steps of determining and notifying are performed in user space.

机译：根据本公开的一方面，在计算机系统中提供了用于执行指令的内核空间和用户空间。一个进程在用户空间中执行，多个模块在内核空间中执行，这些模块还生成事件。然后确定所生成的事件是否包括与代表恶意进程的预定模式匹配的一组事件。如果确定存在这样的事件集，则将该过程通知为恶意过程。确定和通知的步骤在用户空间中执行。

著录项

公开/公告号IN2015MU04133A

专利类型
公开/公告日2017-11-17

原文格式PDF
申请/专利权人
展开▼

申请/专利号IN4133/MUM/2015
发明设计人 SUSHIL KUMAR KUCHAN;ROHAN KUMBHAR;
展开▼

申请日2015-10-31
分类号G06F17/50;
国家 IN
入库时间 2022-08-21 12:52:19

相似文献

专利
外文文献
中文文献