Title:
METHOD AND MODULE FOR DETECTING ATTEMPTED CYBER ATTACKS IN A FLEET OF COMPUTERS
Document Type and Number:
WIPO Patent Application WO/2023/161105
Kind Code:
A1
Abstract:
A method for detecting an attempted cyber attack, said method being implemented by a computer (EQn), said attack exploiting a vulnerability (CVEk) in a function to be protected (fc1) running in a process (p1) of a user space (USRn) of said computer (EQn), launching of the execution of said function to be protected (fc1) resulting in the execution, before said attack, of a function of the kernel (oper_exec), said method comprising steps of: - executing (F_Ex) a mitigation policy (PGk) in said kernel (KERn), said mitigation policy (PGk) being associated with said function of the kernel (oper_exec) and being loaded into a namespace (ENSECURE1) of the kernel associated with said process (p1) and dedicated to security; - sending (F_E), to a security management server (CNode), a message (Logi) comprising a datum representative of said process (p1).
Inventors:
BELAIR MAXIME (FR)
LANIEPCE SYLVIE (FR)
OUOROU ADAM (FR)
LANIEPCE SYLVIE (FR)
OUOROU ADAM (FR)
Application Number:
PCT/EP2023/053824
Publication Date:
August 31, 2023
Filing Date:
February 16, 2023
Export Citation:
Assignee:
ORANGE (FR)
International Classes:
G06F21/52; G06F21/55; G06F21/57
Foreign References:
| FR3110726A1 | 2021-11-26 | |||
| FR2102026A5 | 1972-03-31 |
Other References:
BÉLAIR MAXIME MAXIME BELAIR@ORANGE COM ET AL: "SNAPPY programmable kernel-level policies for containers", PROCEEDINGS OF THE 36TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, ACMPUB27, NEW YORK, NY, USA, 22 March 2021 (2021-03-22), pages 1636 - 1645, XP058740439, ISBN: 978-1-4503-8128-4, DOI: 10.1145/3412841.3442037
BÉLAIR MAXIME ET AL: "Leveraging Kernel Security Mechanisms to Improve Container Security : a Survey", vol. 19, 26 August 2019 (2019-08-26), New York, NY, USA, pages 1 - 6, XP055961158, ISBN: 978-1-4503-7164-3, Retrieved from the Internet [retrieved on 20220914], DOI: 10.1145/3339252.3340502
MAXIME BÉLAIRSYLVIE LANIEPCEJEAN-MARC MENAUD: "Snappy : Programmable Kernel-Level Policies for Containers", ACM, March 2021 (2021-03-01), ISBN: 978-1-4503-8104-8/21/03
BÉLAIR MAXIME ET AL: "Leveraging Kernel Security Mechanisms to Improve Container Security : a Survey", vol. 19, 26 August 2019 (2019-08-26), New York, NY, USA, pages 1 - 6, XP055961158, ISBN: 978-1-4503-7164-3, Retrieved from the Internet
MAXIME BÉLAIRSYLVIE LANIEPCEJEAN-MARC MENAUD: "Snappy : Programmable Kernel-Level Policies for Containers", ACM, March 2021 (2021-03-01), ISBN: 978-1-4503-8104-8/21/03
Download PDF: