Method of detecting computer security threats

US 20070204345A1
Filed: 02/28/2006
Published: 08/30/2007
Est. Priority Date: 02/28/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method of detecting computer security threats, comprising the steps of:

providing a reference database of selected parameters to be monitored relating to one of human behaviour when operating a computer or software behaviour during operation of a computer;

monitoring one of human behaviour or software behaviour originating from a selected computer over a time interval; and

comparing the monitored behaviours to the selected parameters in the reference database and determining the presence or absence of a potential security threat from such comparison.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of detecting computer security threats. A first step involves providing a reference database of selected parameters to be monitored relating to one of human behaviour when operating a computer or software behaviour during operation of a computer. A second step involves monitoring one of human behaviour or software behaviour originating from a selected computer over a time interval. A third step involves comparing the monitored behaviours to the selected parameters in the reference database and determining the presence or absence of a potential security threat from such comparison.

25 Citations

View as Search Results

10 Claims

1. A method of detecting computer security threats, comprising the steps of:
- providing a reference database of selected parameters to be monitored relating to one of human behaviour when operating a computer or software behaviour during operation of a computer;
  
  monitoring one of human behaviour or software behaviour originating from a selected computer over a time interval; and
  
  comparing the monitored behaviours to the selected parameters in the reference database and determining the presence or absence of a potential security threat from such comparison.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method as defined in claim 1, the selected computer operating a website.
  - 3. The method as defined in claim 1, the selected parameters of the reference database containing software behaviour associated with viruses or spy ware.
  - 4. The method as defined in claim 3, the software behaviour associated with viruses or spy ware including at least one of:
    - changing host computer settings, using host computer resources and programs, launching hidden processes that slow down the host computer, or gathering and making use of private information acquired from host computer.
  - 5. The method as defined in claim 1, the selected parameters of the reference database containing human behaviour associated with normal usage by an authorized user.
  - 6. The method as defined in claim 5, the human behaviours associated with normal usage by an authorized user including at least one of:
    - file system usage, frequency of toggling between programs, patterns of computer access time, patterns of launching existing programs, and behaviours associated with compliance with pre-determined security policy.

7. A method of detecting computer security threats, comprising the steps of:
- providing a reference database of selected parameters to be monitored relating to software behaviour during operation of a computer, the selected parameters tending to indicate a likelihood that viruses or spy ware are present in the software;
  
  monitoring software behaviour originating from a selected computer over a time interval; and
  
  comparing the monitored software behaviour to the selected parameters in the reference database and determining the presence or absence of a potential security threat posed by the software behaviour from such comparison.
- View Dependent Claims (8)
- - 8. The method as defined in claim 7, the selected parameters of software behaviour in the reference database including at least one of:
    - changing host computer settings, using host computer resources and programs, launching hidden processes that slow down the host computer, or gathering and making use of private information acquired from host computer;

9. A method of detecting computer security threats, comprising the steps of:
- providing a reference database of selected parameters to be monitored relating to human behaviour when operating a computer, the selected parameters tending to indicate a likelihood of computer use by an unauthorized user;
  
  monitoring human behaviour originating from a selected computer over a time interval; and
  
  comparing the monitored human behaviour to the selected parameters in the reference database and determining the presence or absence of a potential security threat posed by an unauthorized user from such comparison.
- View Dependent Claims (10)
- - 10. The method as defined in claim 9, the selected parameters relating to human behaviour including at least one of:
    - file system usage, frequency of toggling between programs, patterns of computer access time, patterns of launching existing programs, and behaviours associated with compliance or breach of pre-determined security policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ParetoLogic, Inc.
Original Assignee
ParetoLogic, Inc.
Inventors
Conn, Michael, Coldwell, Christopher, Wharton, Donald, Pereira, Elton, Pereira, Adrian

Application Number

US11/364,098
Publication Number

US 20070204345A1
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/552 involving long-term monitor...

Method of detecting computer security threats

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

25 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Method of detecting computer security threats

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links