Client side exploit tracking
First Claim
Patent Images
1. A method for managing pestware on a protected computer comprising:
- monitoring the receipt of a file at the protected computer;
monitoring processes created on the protected computer;
identifying at least one of the processes as a process that is generated from the file;
monitoring activity of the process;
comparing activity of the process with factors indicative of pestware;
managing the file and the process based upon the comparison of the activity of the process with the factors.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for managing pestware is described. In one embodiment the method includes monitoring the receipt of a file at the protected computer, monitoring processes created on the protected computer, identifying at least one of the processes as a process that is generated from the file, monitoring activity of the process, comparing activity of the at least one process with factors indicative of pestware and managing the file and the at least one process based upon the comparison of the activity of the at least one process with the factors.
61 Citations
24 Claims
-
1. A method for managing pestware on a protected computer comprising:
-
monitoring the receipt of a file at the protected computer;
monitoring processes created on the protected computer;
identifying at least one of the processes as a process that is generated from the file;
monitoring activity of the process;
comparing activity of the process with factors indicative of pestware;
managing the file and the process based upon the comparison of the activity of the process with the factors. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for managing pestware at a plurality of computers comprising:
-
collecting data from a plurality of computers, wherein the data includes information about activities on each of the plurality of computers;
establishing factors that correspond to patterns in the activities;
assigning a weight to each of the factors based upon a comparison of the patterns with other patterns associated with both desirable and pestware applications so as to generate a plurality of weighted factors, wherein a magnitude of the weight assigned to each of the factors is indicative of a likelihood that each of the corresponding factors is associated with pestware; and
sending the weighted factors to the plurality of computers. - View Dependent Claims (14)
-
-
15. A computer readable medium encoded with instructions to manage pestware on a protected computer, the instructions including instructions for:
-
monitoring the receipt of a file at the protected computer;
monitoring processes created on the protected computer;
identifying at least one of the processes as a process that is generated from the file;
monitoring activity of the process;
comparing activity of the process with factors indicative of pestware;
managing the file and the process based upon the comparison of the activity of the process with the factors. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
-
Specification