REAL TIME MALICIOUS SOFTWARE DETECTION
First Claim
1. A method of detecting malicious software, wherein the method comprises:
- intercepting a request to perform an activity in a processing system;
determining an entity associated with the activity, wherein the entity comprises at least one of;
a requesting entity of the activity; and
a target entity of the activity;
analysing the entity and the activity to determine if the request is associated with malicious software; and
in the event that the request is determined to be associated with malicious software, restricting the request to perform the activity in the processing system.
6 Assignments
0 Petitions
Accused Products
Abstract
A method, system, computer program product and/or computer readable medium of instructions for detecting malicious software, comprising intercepting a request to perform an activity in a processing system; determining an entity associated with the activity, wherein the entity comprises at least one of: a requesting entity of the activity; and a target entity of the activity; analysing the entity and the activity to determine if the request is associated with malicious software; and in the event that the request is determined to be associated with malicious software, restricting the request to perform the activity in the processing system.
39 Citations
16 Claims
-
1. A method of detecting malicious software, wherein the method comprises:
-
intercepting a request to perform an activity in a processing system;
determining an entity associated with the activity, wherein the entity comprises at least one of;
a requesting entity of the activity; and
a target entity of the activity;
analysing the entity and the activity to determine if the request is associated with malicious software; and
in the event that the request is determined to be associated with malicious software, restricting the request to perform the activity in the processing system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A system to detect malicious software, wherein the system is configured to:
-
intercept a request to perform an activity in a processing system;
determine at least one of;
a requesting entity of the activity; and
a target entity of the activity;
analyse at least one of the requesting entity, the target entity and the action to determine if the activity is associated with malicious software; and
restrict the request to perform the activity in the processing system in the event that the request is determined to be associated with malicious software.
-
-
16. A computer program product comprising a computer readable medium having a computer program recorded therein or thereon, the computer program enabling detection of malicious software, wherein the computer program product configures the processing system to:
-
intercept a request to perform an activity in a processing system;
determine at least one of;
a requesting entity of the activity; and
a target entity of the activity;
analyse at least one of the requesting entity, the target entity and the action to determine if the activity is associated with malicious software; and
restrict the request to perform the activity in the processing system in the event that the request is determined to be associated with malicious software.
-
Specification