Invention Grant
- Patent Title: Apparatus and method for detecting malicious process
- Patent Title (中): 恶意程序检测装置及方法
-
Application No.: US12103794Application Date: 2008-04-16
-
Publication No.: US08091133B2Publication Date: 2012-01-03
- Inventor: Yun Ju Kim , Young Tae Yun
- Applicant: Yun Ju Kim , Young Tae Yun
- Applicant Address: KR Daejeon
- Assignee: Electronics and Telecommunications Research Institute
- Current Assignee: Electronics and Telecommunications Research Institute
- Current Assignee Address: KR Daejeon
- Agency: Ladas & Parry LLP
- Priority: KR10-2007-0090906 20070907
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16 ; G08B23/00 ; G06F9/455
Abstract:
Provided are an apparatus and method for detecting a malicious process. The apparatus includes: a process monitoring unit for monitoring a process generated in a computing environment; a target process setting unit for previously setting a test target process among the processes confirmed by the process monitoring unit; a process generation time change monitoring unit for monitoring if the target process set by the target process setting unit requests to change a generation time; a generation time change preventing unit for preventing a change in the generation time of the target process when the target process requests to change the generation time; and a malicious process detecting unit for determining that a child process of the target process set by the target process setting unit is a malicious process if the child process is generated within a predetermined reference time.
Public/Granted literature
- US20090070876A1 APPARATUS AND METHOD FOR DETECTING MALICIOUS PROCESS Public/Granted day:2009-03-12
Information query
