US 11,809,573 B2
Exploit detection via induced exceptions
Andrew L. Sandoval, San Antonio, TX (US)
Assigned to OPEN TEXT, INC., Menlo Park, CA (US)
Filed by Open Text Inc., Menlo Park, CA (US)
Filed on Nov. 1, 2021, as Appl. No. 17/516,286.
Application 17/516,286 is a continuation of application No. 16/266,330, filed on Feb. 4, 2019, granted, now 11,170,112.
Claims priority of provisional application 62/696,116, filed on Jul. 10, 2018.
Prior Publication US 2022/0129562 A1, Apr. 28, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); G06F 21/57 (2013.01); G06F 21/55 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 21/554 (2013.01); G06F 2221/034 (2013.01)] 24 Claims
OG exemplary drawing
 
1. A system comprising:
a reputation data store storing reputation information;
a processor; and
a memory storing instructions executable by the processor, wherein the instructions executable by the processor comprise instructions for:
generating an inspection point, the inspection point causing an exception when a set of software instructions encounters the inspection point during an execution of the set of software instructions by the processor;
registering an exception handler to handle the exception associated with by the inspection point;
receiving, in response to the set of software instructions encountering the inspection point, an indication of the exception;
based on the indication of the exception, accessing a context record associated with the execution of the set of software instructions;
accessing reputation information from the reputation data store;
evaluating the context record to determine if an exploit is present, wherein evaluating the context record comprises evaluating the context record using the reputation information; and
based on a determination that the exploit is present, performing a corrective action for the exploit.