MALWARE DETECTION METHOD AND APPARATUS
First Claim
Patent Images
1. A malware detection method implemented within a computer and comprising:
- for a given electronic file, determining if the file is associated with a valid digital signature; and
if it is, then verifying that the signature belongs to a trusted source and if so then not performing a malware scan of said file, and if the signature cannot be verified as belonging to a trusted source then performing said scan.
2 Assignments
0 Petitions
Accused Products
Abstract
According to a first aspect of the present invention there is provided a malware detection method implemented within a computer. The method includes, for a given electronic file, determining if the file is associated with a valid digital signature. If the file is associated with a valid digital signature, then verifying that the signature belongs to a trusted source. If the signature does belong to a trusted source then not performing a malware scan of said file, and if the signature cannot be verified as belonging to a trusted source then performing said scan.
35 Citations
13 Claims
-
1. A malware detection method implemented within a computer and comprising:
- for a given electronic file, determining if the file is associated with a valid digital signature; and
if it is, then verifying that the signature belongs to a trusted source and if so then not performing a malware scan of said file, and if the signature cannot be verified as belonging to a trusted source then performing said scan. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- for a given electronic file, determining if the file is associated with a valid digital signature; and
-
12. A computer comprising:
- a memory storing a database of trusted public keys; and
a processor for determining if a given electronic file is associated with a valid digital signature and, if it is, then verifying that the signature belongs to a trusted source, and if the signature is verified then not performing a malware scan of said file, and if the signature cannot be verified as belonging to a trusted source then performing said scan.
- a memory storing a database of trusted public keys; and
-
13. A method of maintaining a database of trusted public keys in a plurality of computer devices for the purpose of eliminating the need to scan trusted files for malware at the computer devices, the method comprising:
- identifying at a network based service, public keys belonging to a public key infrastructure architecture and which are used to digitally sign electronic files;
verifying that these public keys belong to a trusted source; and
securely sending the trusted public keys to the devices.
- identifying at a network based service, public keys belonging to a public key infrastructure architecture and which are used to digitally sign electronic files;
Specification