Search International and National Patent Collections

1. (WO2018038990) DETECTION AND PREVENTION OF MALICIOUS SHELL EXPLOITS

Pub. No.:    WO/2018/038990    International Application No.:    PCT/US2017/047099
Publication Date: Fri Mar 02 00:59:59 CET 2018 International Filing Date: Thu Aug 17 01:59:59 CEST 2017
IPC: G06F 21/56
Applicants: QUALCOMM INCORPORATED
Inventors: KIM, Minjang
LI, Dong
GATHALA, Sudha Anil Kumar
Title: DETECTION AND PREVENTION OF MALICIOUS SHELL EXPLOITS
Abstract:
Methods, systems, and devices detect and block execution of malicious shell commands requested by a software application. Various embodiments may include receiving a request from a software application to execute a shell command and simulating execution of the shell command to produce execution behavior information. The computing device may analyze system activities to produce execution context information and generate an execution behavior vector based, at least in part, on the execution behavior information and the execution context information. The computing device may use a behavior classifier model to determine whether the shell command is malicious. In response to determining that the shell command is malicious, the computing device may block execution of the shell command.