Apparatus and method for using information on malicious application behaviors among devices

US 20070192866A1
Filed: 01/24/2007
Published: 08/16/2007
Est. Priority Date: 02/10/2006
Status: Active Grant

First Claim

Patent Images

1. A device for using information on malicious application behaviors, the device comprising:

a capability-monitoring unit that monitors application capabilities;

a behavior-monitoring unit that monitors application behaviors;

an mBDL-generating unit that generates a document in a formal language specifying the application capabilities and the application behaviors; and

a controlling unit that controls execution of an application using the formal language.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device for using information on malicious application behaviors is provided. The device includes a capability-monitoring unit that monitors application capabilities, a behavior-monitoring unit that monitors application behaviors, an mBDL-generating unit that generates a document in a formal language specifying the application capabilities and the application behaviors, and a controlling unit that controls execution of application using the formal language.

74 Citations

View as Search Results

19 Claims

1. A device for using information on malicious application behaviors, the device comprising:
- a capability-monitoring unit that monitors application capabilities;
  
  a behavior-monitoring unit that monitors application behaviors;
  
  an mBDL-generating unit that generates a document in a formal language specifying the application capabilities and the application behaviors; and
  
  a controlling unit that controls execution of an application using the formal language.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The device of claim 1, wherein the application capabilities refer to utilizing or controlling resources of the device.
  - 3. The device of claim 2, wherein the resource of the device comprises at least one of a file, a network, a memory, and a process.
  - 4. The device of claim 1, wherein the application behaviors comprise information on work carried out by the application in the device.
  - 5. The device of claim 4, wherein the information on the work comprises information on the execution of one of the components, hardware, and software of the device.
  - 6. The device of claim 1, wherein the formal language is generated using Extensible Markup Language (XML).
  - 7. The device of claim 1, further comprising a network-administering unit that transmits the document in the formal language, which is generated in the mBDL-generating unit, to other devices.

8. A method of using information on malicious application behavior in a device, the method comprising:
- monitoring at least one of application behaviors and application capabilities;
  
  generating a document in a formal language specifying the at least one of the monitored application capabilities and the application behaviors; and
  
  controlling execution of an application using the generated formal language.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the application capabilities comprise the capability of the application to utilize or control resources of the device.
  - 10. The method of claim 9, wherein the resources of the device comprise at least one of a file, a network, a memory, and a process.
  - 11. The method of claim 8, wherein the application behaviors comprise information on work carried out by the application in the device.
  - 12. The method of claim 8, wherein the information on the work comprises information on the execution of one of the components, hardware, and software of the device.
  - 13. The method of claim 8, wherein the formal language is generated using Extensible Markup Language (XML).
  - 14. The method of claim 8, further comprising transmitting the generated formal language to other devices.

15. A method of using information on malicious application behaviors in a device, the method comprising:
- receiving data that contains a document in a formal language, which is created once an application has monitored at least one of application capabilities and application behaviors;
  
  extracting information on the at least one of the application capabilities and the application behaviors by parsing the received data; and
  
  controlling execution of an application according to the extracted information.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, wherein the application capabilities comprise the capability of the application to utilize or control resources of the device.
  - 17. The method of claim 16, wherein the resources of the device comprise at least one of a file, a network, a memory, and a process.
  - 18. The method of claim 15, wherein the application behaviors comprise information on work carried out by the application in the device.
  - 19. The method of claim 18, wherein the information on the work comprises information on the execution of one of the components, hardware, and software of the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Jung, Kyung-im, Sagoo, Kiran Pal

Granted Patent

US 8,640,240 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/52 during program execution, e...

G06F 21/55 Detecting local intrusion o...

Apparatus and method for using information on malicious application behaviors among devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

74 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and method for using information on malicious application behaviors among devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others