×

System for cross-host, multi-thread session alignment

  • US 10,063,567 B2
  • Filed: 11/12/2015
  • Issued: 08/28/2018
  • Est. Priority Date: 11/13/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computerized method of detecting aberrant behavior in a software application, the method comprising:

  • instantiating a plurality of replicated applications on at least one computing device using an identical initial setting, wherein each replicated application in the plurality of replicated applications is a replicated instance of the software application executing at least one thread, and the plurality of replicated applications includes a first replicated application and a second replicated application;

    enforcing deterministic behavior so that each replicated application thread;

    independently of the other replicated applications executes application program interface (API) calls in the same sequence, andindependently of the other replicated applications generates call identifiers which are unique for each occurrence of an API call by the replicated application and identical across the plurality of replicated applications for each corresponding application thread;

    obtaining first information associated with a first API call from the first replicated application, the first information including a first call identifier of the first API call and a first digest, wherein the first digest is computed based at least in part on one or more of the first call identifier, a first static call identifier, first call-related data, and first user credentials;

    obtaining second information associated with a second API call from the second replicated application, the second information including a second call identifier of the second API call and a second digest, wherein the second digest is computed based at least in part on one or more of the second call identifier, a second static call identifier, second call-related data, and second user credentials;

    in response to determining the first call identifier and the second call identifier are identical, determining whether the first digest matches the second digest; and

    in response to the first digest not matching the second digest, signaling that aberrant behavior has occurred.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×