Invention Grant
- Patent Title: Detecting malicious use of computer resources by tasks running on a computer system
-
Application No.: US14547359Application Date: 2014-11-19
-
Publication No.: US09251345B2Publication Date: 2016-02-02
- Inventor: Robert G. Freeman , Gunter D. Ollmann
- Applicant: International Business Machines Corporation
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Yee & Associates, P.C.
- Agent Lisa J. Ulrich
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16 ; G06F21/56 ; H04L29/06 ; G06F9/445 ; G06F11/34
Abstract:
A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system.
Public/Granted literature
- US20150074812A1 Detecting Malicious Use of Computer Resources by Tasks Running on a Computer System Public/Granted day:2015-03-12
Information query
