DETERMINING MALICIOUSNESS OF SOFTWARE
First Claim
Patent Images
1. A method of detecting malicious activity, including the steps of:
- intercepting activity in a processing system;
detecting attributes of an un-assessed process associated with the activity;
comparing the process attributes and activity to a database of attributes and activity associated with known malicious and non-malicious processes; and
using an inference filter to compute the likely maliciousness of the un-assessed process.
2 Assignments
0 Petitions
Accused Products
Abstract
A method of detecting malicious activity, including the steps of: intercepting activity in a processing system 100; detecting attributes of an un-assessed process 460 associated with the activity; comparing the process attributes and activity to a database 430 of attributes and activity associated with known malicious and non-malicious processes; and using an inference filter 470 to compute the likely maliciousness of the un-assessed process.
362 Citations
25 Claims
-
1. A method of detecting malicious activity, including the steps of:
-
intercepting activity in a processing system; detecting attributes of an un-assessed process associated with the activity; comparing the process attributes and activity to a database of attributes and activity associated with known malicious and non-malicious processes; and using an inference filter to compute the likely maliciousness of the un-assessed process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 24, 25)
-
-
23. The software of claim 23, wherein the software resides in a virtual environment.
Specification