EXTENSIBLE ACTIVATION EXPLOIT SCANNER
First Claim
1. A method, performed on a processing device, for detecting an activation exploit, the method comprising:
- executing, by at least one processor of the processing device, at least one detection module, each of the at least one detection module being specific for detecting a respective known activation exploit or a respective class of activation exploit;
executing, by the at least one processor of the processing device, at least one response module, each of the at least one response module includes response logic for performing a corresponding action in response to detecting the respective known activation exploit or the respective class of activation exploit; and
executing, by the at least one processor of the processing device, a scanner, which uses an exploit data file, the at least one detection module, and the at least one response module, the exploit data file including information regarding at least one known activation exploit.
2 Assignments
0 Petitions
Accused Products
Abstract
An extensible activation exploit scanner may have a modular structure, such that capabilities of the activation exploit scanner may be updated easily. The extensible activation exploit scanner may include an exploit data file, at least one detection module, at least one response module, and a base scanner. The exploit data file may have a number of entries, each of which may include information about a respective activation exploit or a respective class of activation exploit, as well as information about a detection module and a response module. The activation exploit scanner may read an entry of the exploit data file, may execute a detection module, corresponding to the entry, to detect a respective activation exploit or class of activation exploit, and may execute a response module, corresponding to the entry, to perform an action when the respective activation exploit or the class of activation exploit is detected.
-
Citations
20 Claims
-
1. A method, performed on a processing device, for detecting an activation exploit, the method comprising:
-
executing, by at least one processor of the processing device, at least one detection module, each of the at least one detection module being specific for detecting a respective known activation exploit or a respective class of activation exploit; executing, by the at least one processor of the processing device, at least one response module, each of the at least one response module includes response logic for performing a corresponding action in response to detecting the respective known activation exploit or the respective class of activation exploit; and executing, by the at least one processor of the processing device, a scanner, which uses an exploit data file, the at least one detection module, and the at least one response module, the exploit data file including information regarding at least one known activation exploit. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for an extensible activation exploit scanner installed on a processing device, the system comprising:
-
at least one detection module, each of the at least one detection module including a signature for detecting a respective known activation exploit or a respective known class of activation exploit; at least one response module, each of the at least one response module for performing a corresponding action responsive to detecting a respective known activation exploit or a respective known class of activation exploit; an exploit data file including at least one entry, each of the at least one entry including an identifier corresponding to a respective known activation exploit or a respective known class of activation exploit, location information of one of the at least one detection module, and location information of one of the at least one response module; and a scanner for scanning for a presence of a known activation exploit or a known class of activation exploit by calling a detection module identified by an entry of the exploit file as being for detecting the known activation exploit or the known class of activation exploit, and the scanner further being for responding to the presence of the known activation exploit or the known class of activation exploit by calling a response module identified by the entry of the exploit file. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A machine-readable medium having instructions recorded thereon for a processing device to perform a method comprising:
-
reading an entry of an exploit data file, the entry including an identifier corresponding to a known activation exploit, location information of a detection module, and location information of a response module; using the location information of the detection module to execute the detection module to detect whether the known activation exploit is present; and using the location information of the response module to execute the response module to perform one or more actions in response to the detection module detecting that the known activation exploit breach is present. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification