Invention Grant
- Patent Title: Method and apparatus for detecting malware infection
- Patent Title (中): 用于检测恶意软件感染的方法和装置
-
Application No.: US12098334Application Date: 2008-04-04
-
Publication No.: US08955122B2Publication Date: 2015-02-10
- Inventor: Guofei Gu , Phillip Andrew Porras , Martin Fong
- Applicant: Guofei Gu , Phillip Andrew Porras , Martin Fong
- Applicant Address: US CA Menlo Park
- Assignee: SRI International
- Current Assignee: SRI International
- Current Assignee Address: US CA Menlo Park
- Agency: Barnes & Thornburg LLP
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G01R23/10 ; G01R31/08 ; H04L29/06 ; G06F21/55 ; G06F21/56 ; G06F11/34 ; G06F21/57
Abstract:
In one embodiment, the present invention is a method and apparatus for detecting malware infection. One embodiment of a method for detecting a malware infection at a local host in a network, includes monitoring communications between the local host and one or more entities external to the network, generating a dialog warning if the communications include a transaction indicative of a malware infection, declaring a malware infection if, within a predefined period of time, the dialog warnings includes at least one dialog warning indicating a transaction initiated at the local host and at least one dialog warning indicating an additional transaction indicative of a malware infection, and outputting an infection profile for the local host.
Public/Granted literature
- US20090172815A1 METHOD AND APPARATUS FOR DETECTING MALWARE INFECTION Public/Granted day:2009-07-02
Information query
