Malicious activity detection in a memory

Wheeler, Jason W.; Quach, Tu-Thach; James, Conrad D.; Aimone, James Bradley; Rodrigues, Arun F.

Title: Malicious activity detection in a memory

Full Record
Other Related Research

Abstract

A method and apparatus for monitoring a volatile memory in a computer system. Samples of compressed data from locations in the volatile memory in the computer system are read. Data in the volatile memory is reconstructed using the samples of compressed data. The data is an image of the volatile memory. The image enables determining whether an undesired process is present in the volatile memory.

Inventors:: Wheeler, Jason W.; Quach, Tu-Thach; James, Conrad D.; Aimone, James Bradley; Rodrigues, Arun F.

Issue Date:: 2021-06-01

Research Org.:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1824029

Patent Number(s):: 11023579

Application Number:: 15/367,026

Assignee:: National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)

DOE Contract Number:: AC04-94AL85000

Resource Type:: Patent

Resource Relation:: Patent File Date: 12/01/2016

Country of Publication:: United States

Language:: English

Citation Formats


                    Wheeler, Jason W., Quach, Tu-Thach, James, Conrad D., Aimone, James Bradley, and Rodrigues, Arun F. Malicious activity detection in a memory.  United States: N. p., 2021. 
        Web.

Copy to clipboard


                    Wheeler, Jason W., Quach, Tu-Thach, James, Conrad D., Aimone, James Bradley, & Rodrigues, Arun F. Malicious activity detection in a memory.  United States.

Copy to clipboard


                    Wheeler, Jason W., Quach, Tu-Thach, James, Conrad D., Aimone, James Bradley, and Rodrigues, Arun F. Tue .  
        "Malicious activity detection in a memory".  United States.  https://www.osti.gov/servlets/purl/1824029.

Copy to clipboard


                    
@article{osti_1824029,

  title        = {Malicious activity detection in a memory},

  author       = {Wheeler, Jason W. and Quach, Tu-Thach and James, Conrad D. and Aimone, James Bradley and Rodrigues, Arun F.},

  abstractNote = {A method and apparatus for monitoring a volatile memory in a computer system. Samples of compressed data from locations in the volatile memory in the computer system are read. Data in the volatile memory is reconstructed using the samples of compressed data. The data is an image of the volatile memory. The image enables determining whether an undesired process is present in the volatile memory.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2021},

  month        = {6}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Similar Records in DOE Patents and OSTI.GOV collections:

Detection of malicious computer executables

Patent Cai, Dongming M [Los Alamos, NM]; Gokhale, Maya [Los Alamos, NM]

A method of detecting malicious binary executable files is accomplished by inputting a binary executable file; converting the binary executable file to byte hexadecimal text strings; calculating the frequency of each byte pattern in the byte hexadecimal text strings; selecting characteristic byte pattern frequencies as discriminating features; classifying the discriminating features as malicious or benign; labeling the binary executable file as malicious or benign; and outputting the labeled malicious or benign binary executable file.
Full Text Available
Securing against malicious control of circuit breakers in electrical substations

Patent Hong, Junho; Nuqui, Reynaldo

An example method for detecting and mitigating attacks on electric power substations comprises detecting a command to open or close a circuit breaker in the electric power substation. A modified extended substation model for the electric power substation is generated, based on the detected command and based on measurements in substation, where the modified extended substation model is a power flow model for the substation and for one or more directly connected neighboring substations. A power flow analysis is performed, using the modified extended substation model, to generate a predicted voltage for each of a plurality of nodes in themore » « less
Full Text Available
Securing against malicious control of circuit breakers in electrical substations

Patent Hong, Junho; Nuqui, Reynaldo

An example method for detecting and mitigating attacks on electric power substations comprises detecting a command to open or close a circuit breaker in the electric power substation. A modified extended substation model for the electric power substation is generated, based on the detected command and based on measurements in substation, where the modified extended substation model is a power flow model for the substation and for one or more directly connected neighboring substations. A power flow analysis is performed, using the modified extended substation model, to generate a predicted voltage for each of a plurality of nodes in themore » « less
Full Text Available
Dedicated memory structure holding data for detecting available worker thread(s) and informing available worker thread(s) of task(s) to execute

Patent Chiu, George L.; Eichenberger, Alexandre E.; O'Brien, John K. P.

The present disclosure relates generally to a dedicated memory structure (that is, hardware device) holding data for detecting available worker thread(s) and informing available worker thread(s) of task(s) to execute.
Full Text Available
Silent store detection and recording in memory storage

Patent Bose, Pradip; Cher, Chen-Yong; Nair, Ravi

An aspect includes receiving a write request that includes a memory address and write data. Stored data is read from a memory location at the memory address. Based on determining that the memory location was not previously modified, the stored data is compared to the write data. Based on the stored data matching the write data, the write request is completed without writing the write data to the memory and a corresponding silent store bit, in a silent store bitmap is set. Based on the stored data not matching the write data, the write data is written to the memorymore » « less
Full Text Available

Similar Records