Detecting code alteration based on memory allocation

Detecting code alteration based on memory allocation

Techniques are described for identifying potential code injection attacks against a process by analyzing the memory allocation for the process. Memory allocation data may be collected on one or more host computing devices, the memory allocation data describing the amount of memory allocated for a pr...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: BREZINSKI DOMINIQUE IMJYA
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Techniques are described for identifying potential code injection attacks against a process by analyzing the memory allocation for the process. Memory allocation data may be collected on one or more host computing devices, the memory allocation data describing the amount of memory allocated for a process or utilized by a process during its execution. The collected memory allocation data may be analyzed to identify instances of anomalous memory allocation during process execution. Statistical or machine learning algorithms may be employed to identify anomalous memory allocation based on the analysis of aggregated memory allocation data for the process.