公开(公告)号：US20240202134A1

公开(公告)日：2024-06-20

申请号：US18081149

申请日：2022-12-14

Applicant: CrowdStrike, Inc.

Inventor： Martin Kelly ,  Marco Vedovati ,  Igor Polevoy ,  Milos Petrbok ,  Christopher White

IPC: G06F12/1009 ,  G06F1/14 ,  G06F9/54

CPC classification number: G06F12/1009 ,  G06F1/14 ,  G06F9/544

Abstract: A method includes retrieving, in a kernel space of an operating system executing on a computing device, a first value from a first clock source, retrieving, in a user space of the operating system executing on the computing device, a second value from a second clock source, generating a unique process identifier (UPID) associated with a process identifier (PID) of a process executing in the operating system, wherein the UPID is based on the first value of the first clock source and the second value of the second clock source, and tracking process activity of the process executing in the operating system by utilizing the UPID.