Invention Grant
US08490195B1 Method and apparatus for behavioral detection of malware in a computer system
有权
用于在计算机系统中行为检测恶意软件的方法和装置
- Patent Title: Method and apparatus for behavioral detection of malware in a computer system
- Patent Title (中): 用于在计算机系统中行为检测恶意软件的方法和装置
-
Application No.: US12340125Application Date: 2008-12-19
-
Publication No.: US08490195B1Publication Date: 2013-07-16
- Inventor: Joseph H. Chen , Jamie J. Park
- Applicant: Joseph H. Chen , Jamie J. Park
- Applicant Address: US CA Mountain View
- Assignee: Symantec Corporation
- Current Assignee: Symantec Corporation
- Current Assignee Address: US CA Mountain View
- Agency: Wilmer Cutler Pickering Hale and Dorr LLP
- Main IPC: G06F12/14
- IPC: G06F12/14
Abstract:
Method and apparatus for behavioral detection of malware in a computer system are described. In some embodiments, a request by a process executing on a computer to change time of a clock managed by the computer is detected. The process is identified as a potential threat. At least one attribute associated with the process is analyzed to determine a threat level. The request to change the time of the clock is blocked and the process is designated as a true positive threat if the threat level satisfies a threshold level.
Information query
