×

Identifying exploitation of vulnerabilities using error report

  • US 8,745,703 B2
  • Filed: 06/24/2008
  • Issued: 06/03/2014
  • Est. Priority Date: 06/24/2008
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of computer forensics to determine whether an error report contains evidence of an attempted exploit, the method comprising:

  • obtaining the error report generated by a computing system and including error data related to one or more errors within the computing system;

    scanning, with a computer processor, the error report for a memory pattern indicative of an unsuccessful attempt to subvert a security mechanism of the computing system;

    scanning, with the computer processor, the error report for exception information indicative of a point of attack within the computing system of the unsuccessful attempt to subvert the security mechanism; and

    recording, with the computer processor, forensic data associated with a result of any of the scanning steps onto a computer-readable storage medium.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×