US 12,149,623 B2
Security privilege escalation exploit detection and mitigation
Andrew Sandoval, San Antonio, TX (US); and Eric Klonowski, Broomfield, CO (US)
Assigned to OPEN TEXT INC., Menlo Park, CA (US)
Filed by Open Text Inc., Menlo Park, CA (US)
Filed on Jun. 9, 2022, as Appl. No. 17/836,714.
Application 17/836,714 is a continuation of application No. 16/903,535, filed on Jun. 17, 2020, granted, now 11,438,159.
Application 16/903,535 is a continuation of application No. 15/903,303, filed on Feb. 23, 2018, granted, now 10,728,034, issued on Jul. 28, 2020.
Prior Publication US 2022/0303136 A1, Sep. 22, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); G06F 9/445 (2018.01); G06F 21/50 (2013.01)
CPC H04L 9/3213 (2013.01) [G06F 9/44521 (2013.01); G06F 21/50 (2013.01)] 25 Claims
OG exemplary drawing
 
1. A system comprising:
a processor; and
a memory coupled to the processor, the memory comprising computer executable instructions that, when executed by the processor, performs a method comprising:
receiving a notification associated with an execution of a process on a device;
identifying privilege information associated with the process, including identifying a first security token for the process;
periodically evaluating an attribute of the privilege information, including periodically comparing a current security token associated with the process with the first security token;
determining that the attribute of the privilege information has been modified from a previous state of the attribute; and
upon determining that the attribute of the privilege information has been modified from the previous state of the attribute, performing a corrective action relating to the execution of the process on the device.