| 发明名称 | Software exploit detection | ||
| 摘要 | A method may include, in a computing device including a processor, memory, an operating system, and at least one installed application, detecting an attempted exploitation of at least one known vulnerability associated with the device. The attempted exploitation may be logged. At least one remedial action may be performed on the device based on the logged attempted exploitation. The known vulnerability may be associated with the operating system and/or the at least one installed application. The at least one known vulnerability may include one or more of at least one known coding flaw in the operating system or in the at least one installed application, at least one known weakness in a protocol running on the computing device, a known family of coding flaws in the operating system or in the at least one installed application, an unauthorized triggering of premium SMS services, and/or triggering of a hostile misconfiguration. | ||
| 申请公布号 | US9117072(B2) | 申请公布日期 | 2015.08.25 |
| 申请号 | US201213717824 | 申请日期 | 2012.12.18 |
| 申请人 | Google Inc. | 发明人 | Ludwig Adrian L.;Condra, IV Curtis Gerald;Kralevich, IV Nicholas Neil |
| 分类号 | G06F21/55;G06F21/57;H04L29/06 | 主分类号 | G06F21/55 |
| 代理机构 | Morris & Kamlay LLP | 代理人 | Morris & Kamlay LLP |
| 主权项 | 1. A method for remediating, via a network device including a processor and a memory, attempted exploitations associated with a plurality of computing devices, the plurality of computing devices including at least one reporting computing device, having a processor, memory, an operating system, and at least one installed application, that identifies and reports the attempted exploitations, and at least one non-reporting computing device that has not reported the attempted exploitations, the method comprising: identifying an attempted exploitation of the at least one reporting computing device; inserting a logging code into the operating system of the at least one reporting computing device based on the identifying an attempted exploitation of the at least one reporting computing device; receiving from the at least one reporting computing device, an aggregated log, wherein the aggregated log is created via the logging code on the at least one reporting computing device and comprises a log record indicating the attempted exploitations of the computing device; generating, based on the aggregated log, at least one instruction to remediate an attempted exploitation recorded in the aggregated log; and communicating the at least one instruction to the at least one reporting computing device and to the at least one non-reporting computing device. | ||
| 地址 | Mountain View CA US | ||