logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7735136 B1

PDFFull Text
Date of Patent:
Jun. 08, 2010

Filed:

Apr. 18, 2006

0-touch and 1-touch techniques for improving the availability of computer programs under protection without compromising security

Applicants:

Srinivas Mantripragada, Cupertino, CA (US);

Tim Garnett, Boston, MA (US);

Derek Bruening, Troy, NY (US);

Vladimir Kiriansky, Cambridge, MA (US);

Bharath Chandramohan, Sunnyvale, CA (US);

James Brink, Oakland, CA (US);

Saman P. Amarasinghe, Waltham, MA (US);

Sandy Wilbourn, Palo Alto, CA (US);

Inventors:

Srinivas Mantripragada, Cupertino, CA (US);

Tim Garnett, Boston, MA (US);

Derek Bruening, Troy, NY (US);

Vladimir Kiriansky, Cambridge, MA (US);

Bharath Chandramohan, Sunnyvale, CA (US);

James Brink, Oakland, CA (US);

Saman P. Amarasinghe, Waltham, MA (US);

Sandy Wilbourn, Palo Alto, CA (US);

Assignee:

VMware, Inc., Palo Alto, CA (US);

Attorney:
Primary Examiner:

Brandon S Hoffman

Int. Cl.
CPC ...
G06F 12/14 (2006.01);
U.S. Cl.
CPC ...
Abstract

Protected software, such as an application and/or DLL, is monitored by protective software to guard against attacks, while distinguishing spurious, benign events from attacks. In a 1-touch approach, the protected software is monitored in a testing environment to detect spurious, benign events caused by, e.g., incompatibility or interoperability problems. The spurious events can be remediated in different ways, such as by applying a relaxed security policy. In a production mode, or 0-touch mode, when the protected software is subject to attacks, the corresponding remediation can be applied when the spurious events are again detected. Security events which occur in production mode can also be treated as benign when they occur within a specified time window. The applications and/or DLLs can further be classified according to whether they are known to have bad properties, known to be well-behaved, or unknown. Appropriate treatment is provided based on the classification.

Find Patent Forward Citations

Loading…