首页>
外国专利>
DEDUCING ATTACKER - VICTIM RELATIONSHIP BETWEEN PROCESSES
DEDUCING ATTACKER - VICTIM RELATIONSHIP BETWEEN PROCESSES
展开▼
机译:减少攻击者-过程之间的受害者关系
展开▼
页面导航
摘要
著录项
相似文献
摘要
According to an aspect of the present disclosure, a kernel space and a user space for execution of instructions is provided in a computer system. A process executes in the user space and multiple modules execute in the kernel space, with the modules also generating events. It is then determined whether the generated events includes a set of events matching a pre-specified pattern representing a malicious process. If such as set of events is determined to be present, the process is notified as a malicious process. The steps of determining and notifying are performed in user space.
展开▼