DETECTING UNKNOWN SOFTWARE VULNERABILITIES AND SYSTEM COMPROMISES
First Claim
Patent Images
1. A system, comprising:
- at least one computing device including at least one memory and at least one processor; and
at least one application executed by the at least one processor of the at least one computing device, wherein when executed the at least one application causes the at least one computing device to at least;
during a learning period, determine which of a plurality of portions of a software package are invoked;
determine at least one unused portion of the software package based at least in part on the portions of the software package invoked during the learning period; and
prevent the at least one unused portion of the software package from being accessed.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for detecting unknown software vulnerabilities and system compromises. During a learning period, it is determined which of a plurality of portions of a software package are invoked. At least one unused portion of the software package is determined based at least in part on the portions of the software package invoked during the learning period. Access to the unused portion(s) of the software package is then prevented.
7 Citations
20 Claims
-
1. A system, comprising:
-
at least one computing device including at least one memory and at least one processor; and at least one application executed by the at least one processor of the at least one computing device, wherein when executed the at least one application causes the at least one computing device to at least; during a learning period, determine which of a plurality of portions of a software package are invoked; determine at least one unused portion of the software package based at least in part on the portions of the software package invoked during the learning period; and prevent the at least one unused portion of the software package from being accessed. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
during a learning period, recording in a memory of at least one of one or more computing devices, at least one portion of a software package invoked during execution of the software package in the learning period; after the learning period, determining, via at least one service executed by at least one of the one or more computing devices, at least one unused portion of the software package based at least in part on the at least one portion of the software package invoked during the learning period; and performing, via the at least one service executed by at least one of the one or more computing devices, an action with respect to the at least one unused portion of the software package. - View Dependent Claims (9, 10, 11)
-
-
12. A system, comprising:
-
at least one computing device including at least one memory and at least one processor; and at least one application executed by the at least one processor of the at least one computing device, wherein when executed the at least one application causes the at least one computing device to at least; during a learning period, determine invoked portions of a software package; during the learning period, determine a frequency of use of at least one of the invoked portions of the software package; determine, for the at least one of the invoked portions of the software package, that the frequency of use during the learning period is different from a frequency of use after the learning period; and perform an action in response to determining that the frequency of use during the learning period is different from the frequency of use after the learning period. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification