SYSTEM AND METHOD FOR MALWARE ALERTING BASED ON ANALYSIS OF HISTORICAL NETWORK AND PROCESS ACTIVITY
First Claim
1. A method for malware protection, comprising:
receiving detection information for detecting malware on an electronic device;
accessing historical information of an electronic device;
comparing the detection information to the historical information; and
based on the comparison of the detection information with the historical information, alerting a user of the electronic device of risks of malware evidenced by the historical information;
wherein comparing detection information to the historical information comprises:
determining that information from a first category of historical information is associated with a source of malware;
cross-referencing information from a second category of historical information to the information from the first category; and
associating the information from the second category with the malware.
Abstract
A method for malware protection includes receiving detection information for detecting malware on an electronic device, accessing historical information of an electronic device, comparing the detection information to the historical information, and based on the comparison of the detection information with the historical information, alerting a user of the electronic device of risks of malware evidenced by the historical information. Comparing detection information to historical information includes determining that information from a first category of historical information is associated with a source of malware, cross-referencing information from a second category of historical information to the information from the first category, and associating the information from the second category with the malware.
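The comparison step in the abstract can be sketched as a retrospective hunt over stored telemetry. This is an added example, not code from the patent: it assumes the first category of historical information is network activity, the second is process activity, and the detection information is a set of newly reported malicious domains; all names and sample records are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NetEvent:       # first category: historical network activity (assumed)
    ts: int           # epoch seconds
    pid: int
    domain: str

@dataclass(frozen=True)
class ProcEvent:      # second category: historical process activity (assumed)
    pid: int
    image: str
    start: int
    end: int          # PIDs are reused, so the lifetime bounds matter

# Constructed sample history (not from the patent).
NET_HISTORY = [
    NetEvent(1000, 412, "updates.example.org"),
    NetEvent(1500, 977, "cdn.bad-host.example"),
    NetEvent(9000, 977, "intranet.example.org"),
]
PROC_HISTORY = [
    ProcEvent(412, r"C:\Program Files\Updater\upd.exe", 900, 1100),
    ProcEvent(977, r"C:\Users\a\AppData\Local\Temp\inv.exe", 1400, 1600),
    ProcEvent(977, r"C:\Windows\System32\notepad.exe", 8900, 9100),
]

def retro_hunt(bad_domains, net_history, proc_history):
    """Return alerts linking past processes to newly reported malware sources."""
    bad = {d.lower() for d in bad_domains}
    alerts = []
    for net in net_history:
        # Step 1: a first-category record is associated with a malware source.
        if net.domain.lower() not in bad:
            continue
        # Step 2: cross-reference the second category by PID and lifetime.
        for proc in proc_history:
            if proc.pid == net.pid and proc.start <= net.ts <= proc.end:
                # Step 3: associate the second-category record with the malware.
                alerts.append({"image": proc.image, "domain": net.domain,
                               "seen_at": net.ts})
    return alerts

if __name__ == "__main__":
    for a in retro_hunt({"cdn.bad-host.example"}, NET_HISTORY, PROC_HISTORY):
        print(f"ALERT: {a['image']} contacted {a['domain']} at t={a['seen_at']}")
```

The lifetime check keeps the later process that reused PID 977 from being blamed for the earlier connection.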
285 Citations
30 Claims
16. An article of manufacture, comprising:
a computer readable medium; and
computer-executable instructions carried on the computer readable medium, the instructions readable by a processor, the instructions, when read and executed, for causing the processor to:
receive detection information for detecting malware on an electronic device;
access historical information of an electronic device;
compare detection information to the historical information; and
based on the comparison of the detection information with the historical information, alert a user of the electronic device of risks of malware, the risks evidenced by the historical information;
wherein causing the processor to compare detection information to the historical information comprises causing the processor to:
determine that information from a first category of historical information is associated with a source of malware;
cross-reference information from a second category of historical information to the information from the first category; and
associate the information from the second category with the malware.
Specification