- Patent Title: Protecting a computer device from escalation of privilege attacks
-
Application No.: US17729476Application Date: 2022-04-26
-
Publication No.: US11714901B2Publication Date: 2023-08-01
- Inventor: John Goodridge , Thomas Couser
- Applicant: Avecto Limited
- Applicant Address: GB Manchester
- Assignee: Avecto Limited
- Current Assignee: Avecto Limited
- Current Assignee Address: GB Manchester
- Agency: Morris, Manning & Martin, LLP
- Agent Daniel E. Sineway, Esq.; Adam J. Thompson, Esq.
- Priority: GB 06289 2018.04.18
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/55 ; G06F9/445
Abstract:
A computing device can receive a first notification that a process has started on the at least one computing device. The computing device can record a first access token associated with the process into the token cache. The computing device can receive a second notification that the process has interacted with the operating system to perform at least one of a set of predetermined operations on the at least one computing device. The computing device can capture a second access token from the process. The computing device can perform a comparison of the second access token captured from the process against the first access token recorded into the token cache. The computing device can determine that an escalation of privilege attack has occurred based on the comparison.
Public/Granted literature
- US20220335125A1 PROTECTING A COMPUTER DEVICE FROM ESCALATION OF PRIVILEGE ATTACKS Public/Granted day:2022-10-20
Information query
