Malware discovery method and system

Invention Grant

US09330259B2 Malware discovery method and system 有权

Title translation: 恶意软件发现方法和系统

Please log in to see more content

Patent Title: Malware discovery method and system
Patent Title (中): 恶意软件发现方法和系统
Application No.: US13847430

Application Date: 2013-03-19
Publication No.: US09330259B2

Publication Date: 2016-05-03
Inventor: Amit Klein , Yaron Dycian , Gal Frishman , Avner Gideoni
Applicant: TRUSTEER LTD.
Applicant Address: IL Tel Aviv
Assignee: TRUSTEER, LTD.
Current Assignee: TRUSTEER, LTD.
Current Assignee Address: IL Tel Aviv
Agency: AlphaPatent Associates Ltd.
Agent Daniel J. Swirsky
Main IPC: G06F21/56
IPC: G06F21/56 ; G06F21/54

Abstract:

A process for identifying potentially harmful malware, comprises the steps of: a) identifying an executable that is about to run; b) providing a monitoring agent that monitors all threads that are descendent of a thread initiated by the process of said executable; and c) configuring said monitoring agent to conclude that a high probability of malware presence exists, if one of said descendent threads reaches a target process in which suspicious patches are created.

Abstract(Chinese):

识别潜在有害恶意软件的过程包括以下步骤：a）识别即将运行的可执行文件; b）提供监视代理，监视由所述可执行程序的进程发起的线程的后代的所有线程; 以及c）配置所述监视代理以确定存在恶意软件存在的高概率，如果所述后代线程中的一个到达创建可疑补丁的目标进程。

Public/Granted literature

US20140289851A1 Malware Discovery Method and System Public/Granted day:2014-09-25

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F21/00	防止未授权行为的保护计算机、其部件、程序或数据的安全装置
G06F21/50	.监控用户、程序或设备，以维护平台完整。例如：处理器、固件或操作系统
G06F21/55	..检测本地入侵或实施对策
G06F21/56	...计算机恶意软件检测或处理，例如反病毒装置