Operating system kernel analysis to detect a cyber attack


Detailed description

Bibliographic details
Main author: Paczkowski, Lyle W
Format: Patent
Language: eng
Description
Summary: A method of detecting unauthorized code modification within a kernel of a computer system, comprising performing a first measurement of the kernel in a kernel location by a measurement tool executing on the computer system, and storing the first measurement in a storage location. The measurement tool is initiated in response to a trigger event to perform a second measurement of the kernel. The measurement tool compares the second measurement of the kernel to the first measurement of the kernel to determine a comparison value. A monitoring tool executing on the computer system is initiated in response to the comparison value exceeding a threshold value.