US 11,971,979 B2
Integrity violation detection for system services
Jason Ronald Torola, Katy, TX (US); Anthony Louis Lubrano, Sugar Land, TX (US); and Subhasish Sarkar, Pune (IN)
Assigned to BMC Software, Inc., Houston, TX (US)
Filed by BMC Software, Inc., Houston, TX (US)
Filed on Nov. 30, 2021, as Appl. No. 17/538,655.
Prior Publication US 2023/0169162 A1, Jun. 1, 2023
Int. Cl. G06F 21/52 (2013.01); G06F 9/54 (2006.01)
CPC G06F 21/52 (2013.01) [G06F 9/54 (2013.01); G06F 2221/034 (2013.01)] 20 Claims
OG exemplary drawing
 
11. A computer-implemented method, the method comprising:
storing, at a first time, first system service verification data that includes a first capture of a system services table having at least one system service entry, and a first portion of a system service identified in the at least one system service entry, the first capture including a first address at which the system service is stored at the first time;
storing, at a second time, second system service verification data that includes a second capture of the system services table and a second portion of the system service identified in the at least one system service entry, the second capture including a second address at which the system service is stored at the second time;
determining at least one mismatch between the first system service verification data and the second system service verification data, including comparing the second address to the first address and the second portion to the first portion to determine the at least one mismatch; and
generating at least one security notification message identifying the at least one mismatch with respect to at least one of the second capture of the system services table and the second portion.