Automated Malware Detection and Remediation

  • US 20110247071A1
  • Filed: 04/06/2010
  • Published: 10/06/2011
  • Est. Priority Date: 04/06/2010
  • Status: Active Grant
First Claim

1. A method of analyzing a selected computer, wherein the selected computer is part of a computer network, the method comprising:

  • inspecting a predetermined set of operational attributes of the selected computer to detect a change in a state of the selected computer;

  • in response to a detected change in state, scanning the selected computer to create a snapshot of the state of the selected computer;

  • transmitting the snapshot from the selected computer to an analytic system;

  • in the analytic system, comparing the snapshot with an aggregated collection of snapshots previously respectively received from a plurality of computers in the computer network, and identifying, in comparison to the aggregated collection of snapshots previously respectively received from the plurality of other computers in the computer network, an anomalous state of the selected computer;

  • initiating, from the analytic system, a probe of the selected computer to gather additional information related to the anomalous state of the selected computer; and

  • receiving the additional information and, based thereon, generating a remediation action for the anomalous state of the selected computer.

  • 6 Assignments