| 发明名称 |
Methods, systems and computer readable media for detecting command injection attacks |
| 摘要 |
Methods and systems are described for detecting command injection attacks. A positive, taint inference method includes receiving signature fragments on one hand, converting command injection instructions into command fragments on another hand, thus identifying potential attacks upon the condition that a command injection instruction includes critical untrusted parts by using signature fragments. A system detects command injection attacks using this kind of method, and remediates and rejects potential attacks. |
| 申请公布号 |
US9635033(B2) |
申请公布日期 |
2017.04.25 |
| 申请号 |
US201314442859 |
申请日期 |
2013.11.14 |
| 申请人 |
University of Virginia Patent Foundation |
发明人 |
Nguyen-Tuong Anh;Davidson Jack W.;Co Michele;Hiser Jason D.;Knight John C. |
| 分类号 |
G06F21/00;H04L29/06;G06F21/51;G06F21/55;G06F21/57;G06F17/24 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
Decker Robert J. |
| 主权项 |
1. A system for detecting command injection attacks based on command instructions to be received from a client processor or client data memory, said system comprising:
a memory unit operative to store software code; and a processor configured to:
extract string fragments from said software code to provide extracted signature fragments;receive said client command instructions;convert the received command instructions into command fragments;identify critical parts from said command fragments: determine if said critical parts are untrusted or trusted by matching with said extracted signature fragments;
identify potential attacks upon the condition that a command includes critical parts that are untrusted; andcommunicate said identification of potential attacks to an output device, wherein the command fragments are different from external data processed by the software code, and the critical parts of the command fragments do not originate from previously identified command fragments. |
| 地址 |
Charlottesville VA US |
