Invention Grant
US08646089B2 System and method for transitioning to a whitelist mode during a malware attack in a network environment
有权
在网络环境恶意软件攻击期间转换为白名单模式的系统和方法
- Patent Title: System and method for transitioning to a whitelist mode during a malware attack in a network environment
- Patent Title (中): 在网络环境恶意软件攻击期间转换为白名单模式的系统和方法
-
Application No.: US13276086Application Date: 2011-10-18
-
Publication No.: US08646089B2Publication Date: 2014-02-04
- Inventor: Sridhar Jayanthi , Praneet Khare , Gangadharasa Srinivasa
- Applicant: Sridhar Jayanthi , Praneet Khare , Gangadharasa Srinivasa
- Applicant Address: US CA Santa Clara
- Assignee: McAfee, Inc.
- Current Assignee: McAfee, Inc.
- Current Assignee Address: US CA Santa Clara
- Agency: Patent Capital Group
- Main IPC: G06F11/00
- IPC: G06F11/00
Abstract:
A method is provided in one example embodiment that includes receiving a signal to enable a whitelist mode on a host in a network, terminating a process executing on the host if the process is not verified, and blocking execution of software objects on the host if the software objects are not represented on the whitelist. In more particular embodiments, the method also includes identifying the process on a process list that enumerates one or more processes executing on the host. Yet further embodiments include quarantining the host if a second process on the process list is a critical process and if the second process is not verified. More specific embodiments include identifying and restarting another process on the process list if process memory was modified.
Public/Granted literature
- US20130097708A1 SYSTEM AND METHOD FOR TRANSITIONING TO A WHITELIST MODE DURING A MALWARE ATTACK IN A NETWORK ENVIRONMENT Public/Granted day:2013-04-18
Information query
