US 12,271,470 B2
System and method for detecting and reporting system clock attacks within an indicators of attack platform
Marc N. McGarry, Murphy, TX (US); Nizar A. Basan, Garland, TX (US); and Weiqing Cai, Dallas, TX (US)
Assigned to Dell Products, L.P., Round Rock, TX (US)
Filed by Dell Products, L.P., Round Rock, TX (US)
Filed on Mar. 3, 2022, as Appl. No. 17/653,303.
Prior Publication US 2023/0281301 A1, Sep. 7, 2023
Int. Cl. G06F 21/55 (2013.01)
CPC G06F 21/552 (2013.01) [G06F 2221/034 (2013.01)]
16 Claims
 
1. An Information Handling System (IHS), comprising:
a processor; and
a memory coupled to the processor, the memory having instructions stored thereon that, upon execution by the processor, cause the IHS to:
obtain a system time from a system clock configured in the IHS;
obtain a network time from a network time protocol (NTP) server;
compare the system time against the network time; and
when the system time does not match the network time, set a system clock attack chain vector in a secure event log and generate an Indicator of Attack (IoA) report based, at least in part, on the system clock attack chain vector;
when the system time matches the network time, reset the system clock attack chain vector in the secure event log; and
set a different attack chain vector in the secure event log and generate another IoA report based, at least in part, on the system clock attack chain vector and at least one attribute associated with at least one of a Basic Input/Output System (BIOS) or a Unified Extensible Firmware Interface (UEFI).
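
The comparison recited in claim 1, sketched as an added example in Python; it is not code from the patent or from the assignee. Assumptions: the secure event log is modelled as a plain dict, "match" is read as agreement within a skew tolerance (`TOLERANCE_S`), the `secure_boot` attribute and the `firmware_tamper` vector name are hypothetical stand-ins for the BIOS/UEFI attribute and the "different attack chain vector", and the NTP reply is a constructed sample built by `build_reply` so the block runs offline.

```python
import struct

NTP_UNIX_DELTA = 2_208_988_800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)
TOLERANCE_S = 2.0               # assumption: "match" means within this skew window

def ntp_transmit_time(packet: bytes) -> float:
    """Return the transmit timestamp of a 48-byte NTP server reply as Unix seconds."""
    if len(packet) < 48:
        raise ValueError("short NTP packet")
    mode, stratum = packet[0] & 0x07, packet[1]
    # Mode 4 is a server reply; stratum 0 (kiss-o'-death) and >15 carry no usable time.
    if mode != 4 or stratum == 0 or stratum > 15:
        raise ValueError("not a usable server reply")
    secs, frac = struct.unpack("!II", packet[40:48])
    return secs - NTP_UNIX_DELTA + frac / 2**32

def check_clock(system_time, packet, event_log, firmware_attrs):
    """Set or reset the clock vector in event_log and return the IoA reports raised."""
    skew = system_time - ntp_transmit_time(packet)
    reports = []
    if abs(skew) > TOLERANCE_S:
        event_log["system_clock"] = True
        reports.append({"vector": "system_clock", "skew_s": round(skew, 3)})
        # Hypothetical correlation: clock vector plus one firmware attribute.
        if firmware_attrs.get("secure_boot") is False:
            event_log["firmware_tamper"] = True
            reports.append({"vector": "firmware_tamper",
                            "evidence": ["system_clock", "secure_boot=off"]})
    else:
        event_log["system_clock"] = False  # clock agrees again: reset the vector
    return reports

def build_reply(unix_time: float) -> bytes:
    """Constructed sample: a minimal NTPv4 server reply carrying unix_time."""
    header = struct.pack("!BBbb", (4 << 3) | 4, 2, 6, -20)  # VN=4, mode=4, stratum 2
    secs = int(unix_time) + NTP_UNIX_DELTA
    frac = int((unix_time % 1) * 2**32)
    return header + bytes(36) + struct.pack("!II", secs, frac)

if __name__ == "__main__":
    log = {}
    reply = build_reply(1_700_000_000.5)
    # System clock rolled back one day while Secure Boot is off.
    print(check_clock(1_700_000_000.5 - 86_400, reply, log, {"secure_boot": False}))
    print(log)
```

A single unauthenticated NTP reply can itself be spoofed, so a deployment of this check would want an authenticated or multi-source time reference before treating a mismatch as an indicator.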