Systems and methods for authorizing attempts to access shared libraries
Abstract
The disclosed computer-implemented method for authorizing attempts to access shared libraries may include (1) detecting an attempt by a process to access a shared library, (2) identifying a call stack of the process, (3) inspecting the call stack to determine whether a method that initiated the attempt is authorized to access the shared library, and (4) causing the attempt to be allowed if the method is authorized to access the shared library or blocked if the method is not authorized to access the shared library. Various other methods, systems, and computer-readable media are also disclosed.
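The four steps of the abstract, modelled as an added example (not code from the patent): a stack trace captured at library-load time is parsed, the initiating subroutine is taken to be the first frame outside the loader, and the load is blocked when that subroutine belongs to reflection, inter-process communication or task delegation. The Java-style frame names, the prefix tables, the policy and both traces are assumptions constructed for illustration.

```python
import re
from typing import NamedTuple, Optional

# All names, the policy and both traces below are constructed for illustration.
LOADER_PREFIXES = ("java.lang.System.load", "java.lang.Runtime.load")
INDIRECT_PREFIXES = {
    "java.lang.reflect.": "reflection",
    "android.os.Binder.": "inter-process communication",
    "java.util.concurrent.": "task delegation",
}
# Policy: shared library -> subroutines authorized to load it.
AUTHORIZED = {"libpayments.so": {"com.example.pay.PaymentService.init"}}
FRAME_RE = re.compile(r"^\s*at\s+([\w.$<>]+)\(")

class Decision(NamedTuple):
    allowed: bool
    initiator: Optional[str]
    reason: str

def parse_stack(trace: str) -> list:
    """Extract fully qualified subroutine names, innermost frame first."""
    return [m.group(1) for line in trace.splitlines() if (m := FRAME_RE.match(line))]

def find_initiator(frames: list) -> Optional[str]:
    """The initiator is the first frame that is not part of the loader itself."""
    return next((f for f in frames if not f.startswith(LOADER_PREFIXES)), None)

def authorize_load(library: str, trace: str) -> Decision:
    initiator = find_initiator(parse_stack(trace))
    if initiator is None:
        return Decision(False, None, "no initiating subroutine found")
    for prefix, category in INDIRECT_PREFIXES.items():
        if initiator.startswith(prefix):
            return Decision(False, initiator, f"initiated through {category}")
    if initiator in AUTHORIZED.get(library, set()):
        return Decision(True, initiator, "authorized subroutine")
    return Decision(False, initiator, "subroutine not authorized for this library")

DIRECT_TRACE = """\
    at java.lang.System.loadLibrary(System.java:1669)
    at com.example.pay.PaymentService.init(PaymentService.java:42)
"""
REFLECTIVE_TRACE = """\
    at java.lang.Runtime.loadLibrary0(Runtime.java:1016)
    at java.lang.System.loadLibrary(System.java:1669)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.example.plugin.Loader.run(Loader.java:17)
"""
```

An empty or unparseable trace is treated as a block, so a failure to capture the stack does not silently allow the load.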
29 Citations
20 Claims
1. A computer-implemented method for authorizing attempts to access shared libraries, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- detecting an attempt by a process to access a shared library;
- identifying a call stack of the process;
- inspecting the call stack by:
  - identifying a subroutine of the process that initiated the attempt to access the shared library;
  - determining that at least one of:
    - the subroutine is used to perform inter-process communications;
    - the subroutine is used to perform task delegation; and
    - the subroutine is used to perform reflection;
  - determining that the subroutine is not authorized to access the shared library based at least in part on determining that the subroutine is being used to perform at least one of inter-process communications, task delegation, and reflection; and
- causing the attempt to be blocked in response to determining that the subroutine is not authorized to access the shared library.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system for authorizing attempts to access shared libraries, the system comprising:
- a detection module, stored in memory, that detects an attempt by a process to access a shared library;
- an identification module, stored in memory, that identifies a call stack of the process;
- an inspection module, stored in memory, that inspects the call stack by:
  - identifying a subroutine of the process that initiated the attempt to access the shared library;
  - determining that at least one of:
    - the subroutine is used to perform inter-process communications;
    - the subroutine is used to perform task delegation; or
    - the subroutine is used to perform reflection;
  - determining that the subroutine is not authorized to access the shared library based at least in part on determining that the subroutine is being used to perform at least one of inter-process communications, task delegation, or reflection;
- an access module, stored in memory, that causes the attempt to be blocked in response to determining that the subroutine is not authorized to access the shared library; and
- at least one physical processor configured to execute the detection module, the identification module, the inspection module, and the access module.

Dependent claims: 13, 14, 15, 16, 17, 18, 19
20. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
- detect an attempt by a process to access a shared library;
- identify a call stack of the process;
- inspect the call stack by:
  - identifying a subroutine of the process that initiated the attempt to access the shared library;
  - determining that at least one of:
    - the subroutine is used to perform inter-process communications;
    - the subroutine is used to perform task delegation;
    - the subroutine is used to perform reflection;
- determine that the subroutine is not authorized to access the shared library based at least in part on determining that the subroutine is being used to perform at least one of inter-process communications, task delegation, or reflection; and
- cause the attempt to be blocked in response to determining that the subroutine is not authorized to access the shared library.
Specification