The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Mar. 12, 2019
Filed:
Nov. 04, 2015
International Business Machines Corporation, Armonk, NY (US);
Rachel E. Craik, North York, CA;
Allan Kielstra, Ajax, CA;
Raymond Mak, Thornhill, CA;
Melanie Ullmer, Scarborough, CA;
International Business Machines Corporation, Armonk, NY (US);
Abstract
Techniques are described for detecting anomalous behavior in program execution. In one example, a method includes logging occurrence of one or more key events during execution of a program. Each key event has a corresponding key event data structure associated with the program, and logging includes storing records associated with the key events, wherein each record is based on the key event data structure associated with the key event. The method further includes analyzing the records to determine if a current pattern of key events associated with the program during execution matches an expected pattern of key events and generating a security alert if the current pattern of key events does not match the expected pattern of key events for the program.