×

Detection of tampering with software installed on a processing device

  • US 8,938,805 B1
  • Filed: 09/24/2012
  • Issued: 01/20/2015
  • Est. Priority Date: 09/24/2012
  • Status: Active Grant
First Claim
Patent Images

1. An apparatus comprising:

  • at least one processing device comprising a processor coupled to a memory;

    the processing device implementing a host-based intrusion detection system configured to permit detection of tampering with at least one software component installed on the processing device;

    the host-based intrusion detection system comprising a forward-secure logging module configured to record information characterizing a plurality of events occurring in the device in such a manner that modification of the recorded information characterizing the events is indicative of a tampering attack and can be detected by an authority;

    wherein the forward-secure logging module is configured to perform said recording in a concealed manner that cannot be directly correlated with occurrence of at least one of the plurality of events; and

    wherein the host-based instruction detection system is configured to send, in response to randomly-timed requests, respective different portions of the forward-secure logging records to the authority such that the forward-secure logging records cannot be directly correlated with occurrence of the corresponding events.

View all claims
  • 18 Assignments
Timeline View
Assignment View
    ×
    ×