Invention Grant
- Patent Title: Apparatus and method for generating system call whitelist of application container and method for controlling system call of application container
-
Application No.: US16944480Application Date: 2020-07-31
-
Publication No.: US11893106B2Publication Date: 2024-02-06
- Inventor: Sung-Jin Kim , Hyunyi Yi , Chulwoo Lee , Woomin Hwang , Byungjoon Kim
- Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Applicant Address: KR Daejeon
- Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Current Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Current Assignee Address: KR Daejeon
- Agency: LRK PATENT LAW FIRM
- Priority: KR 20200072511 2020.06.15
- Main IPC: G06F21/53
- IPC: G06F21/53
Abstract:
An apparatus and method for generating a system call whitelist for an application container. The method may include determining whether a container is based on machine code or non-machine code by analyzing the internal configuration of the running container, identifying system calls included in an application through binary static analysis or static analysis of source code selected depending on the determination of whether the container is based on machine code or non-machine code, and generating a whitelist based on the numbers of all of the identified system calls.
Public/Granted literature
Information query
