TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS

TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS

A creation of a first process is detected in a kernel space of the operating system executing on a computing device. An exec parent of the first process is determined. The exec parent identifies a second process within an ancestry of the first process that last performed an exec operation prior to t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Kelly, Martin, Divakarla, Jayasankar
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Kelly, Martin
Divakarla, Jayasankar
description A creation of a first process is detected in a kernel space of the operating system executing on a computing device. An exec parent of the first process is determined. The exec parent identifies a second process within an ancestry of the first process that last performed an exec operation prior to the creation of the first process. A unique process identifier (UPID) associated with a process identifier (PID) of the first process is generated. The UPID is associated with the exec parent in a first mapping store that maps the PID to the UPID. Process activity of the first process executing in the operating system is tracked to generate process activity data that comprises the exec parent.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2024202337A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2024202337A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2024202337A13</originalsourceid><addsrcrecordid>eNrjZHAOcXX28PMMDHUNVnDzD1IICXJ09vb0c1dwjXB1Dg1xdPJxVfD0dXQHSjs6B_kHg1WBFfgHuAY5hnj6-wXzMLCmJeYUp_JCaW4GZTfXEGcP3dSC_PjU4oLE5NS81JL40GAjAyMTIDY2Nnc0NCZOFQD0SSya</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS</title><source>esp@cenet</source><creator>Kelly, Martin ; Divakarla, Jayasankar</creator><creatorcontrib>Kelly, Martin ; Divakarla, Jayasankar</creatorcontrib><description>A creation of a first process is detected in a kernel space of the operating system executing on a computing device. An exec parent of the first process is determined. The exec parent identifies a second process within an ancestry of the first process that last performed an exec operation prior to the creation of the first process. A unique process identifier (UPID) associated with a process identifier (PID) of the first process is generated. The UPID is associated with the exec parent in a first mapping store that maps the PID to the UPID. Process activity of the first process executing in the operating system is tracked to generate process activity data that comprises the exec parent.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20240620&amp;DB=EPODOC&amp;CC=US&amp;NR=2024202337A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,776,881,25542,76289</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20240620&amp;DB=EPODOC&amp;CC=US&amp;NR=2024202337A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Kelly, Martin</creatorcontrib><creatorcontrib>Divakarla, Jayasankar</creatorcontrib><title>TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS</title><description>A creation of a first process is detected in a kernel space of the operating system executing on a computing device. An exec parent of the first process is determined. The exec parent identifies a second process within an ancestry of the first process that last performed an exec operation prior to the creation of the first process. A unique process identifier (UPID) associated with a process identifier (PID) of the first process is generated. The UPID is associated with the exec parent in a first mapping store that maps the PID to the UPID. Process activity of the first process executing in the operating system is tracked to generate process activity data that comprises the exec parent.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZHAOcXX28PMMDHUNVnDzD1IICXJ09vb0c1dwjXB1Dg1xdPJxVfD0dXQHSjs6B_kHg1WBFfgHuAY5hnj6-wXzMLCmJeYUp_JCaW4GZTfXEGcP3dSC_PjU4oLE5NS81JL40GAjAyMTIDY2Nnc0NCZOFQD0SSya</recordid><startdate>20240620</startdate><enddate>20240620</enddate><creator>Kelly, Martin</creator><creator>Divakarla, Jayasankar</creator><scope>EVB</scope></search><sort><creationdate>20240620</creationdate><title>TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS</title><author>Kelly, Martin ; Divakarla, Jayasankar</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2024202337A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2024</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>Kelly, Martin</creatorcontrib><creatorcontrib>Divakarla, Jayasankar</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Kelly, Martin</au><au>Divakarla, Jayasankar</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS</title><date>2024-06-20</date><risdate>2024</risdate><abstract>A creation of a first process is detected in a kernel space of the operating system executing on a computing device. An exec parent of the first process is determined. The exec parent identifies a second process within an ancestry of the first process that last performed an exec operation prior to the creation of the first process. A unique process identifier (UPID) associated with a process identifier (PID) of the first process is generated. The UPID is associated with the exec parent in a first mapping store that maps the PID to the UPID. Process activity of the first process executing in the operating system is tracked to generate process activity data that comprises the exec parent.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US2024202337A1
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title TECHNIQUES FOR TRACKING EXECUTABLE IMAGES ACROSS FORKING OPERATIONS
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-11T16%3A47%3A30IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Kelly,%20Martin&rft.date=2024-06-20&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2024202337A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true