×

Detection of code injection attacks

  • US 9,213,807 B2
  • Filed: 09/04/2013
  • Issued: 12/15/2015
  • Est. Priority Date: 09/04/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method for detecting foreign code injected into a computer program executed by a heterogeneous computer system comprising a plurality of different processors each with different architecture and different native instruction set, and memory, the plurality of different processors being configured to execute instructions stored in the memory, the method comprising:

  • executing a first portion of the computer program by a first processor having a first architecture and a first instruction set;

    executing a second portion of the computer program by a second processor having a second architecture and a second instruction set different than the first instruction set;

    detecting, on the heterogeneous computer system, an illegal instruction error;

    recording the illegal instruction error;

    determining whether a threshold condition for an attack on the heterogeneous computer system is met based on patterns of multiple previous attacks clustered together and the number of different architectures; and

    generating an alert if the threshold condition for the attack on the heterogeneous computer system is met, wherein the illegal instruction error is triggered by an instruction encoded in a third instruction set different from the first and second instruction sets.

View all claims
  • 13 Assignments
Timeline View
Assignment View
    ×
    ×