METHOD AND APPARATUS FOR DETECTING A MALWARE IN FILES
First Claim
1. An apparatus for detecting a malware in files, comprising:
- an acquisition unit configured to obtain from a file system information about a first time point when an interested folder is created by the file system, and information about a second time point when an interested file is created in the interested folder by the file system;
a candidate determination unit configured to determine whether the interested file is a candidate file to be subjected to a malware inspection, based on the information on the first and the second time point; and
an inspection unit configured to perform the malware inspection on the interested file determined to be the candidate file for the malware inspection.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus for detecting a malware in files includes an acquisition unit configured to obtain from a file system information about a first time point when an interested folder is created by the file system, and information about a second time point when an interested file is created in the interested folder by the file system, a candidate determination unit configured to determine whether the interested file is a candidate file to be subjected to a malware inspection, based on the information on the first and the second time point, and an inspection unit configured to perform the malware inspection on the interested file determined to be the candidate file for the malware inspection.
-
Citations
25 Claims
-
1. An apparatus for detecting a malware in files, comprising:
-
an acquisition unit configured to obtain from a file system information about a first time point when an interested folder is created by the file system, and information about a second time point when an interested file is created in the interested folder by the file system; a candidate determination unit configured to determine whether the interested file is a candidate file to be subjected to a malware inspection, based on the information on the first and the second time point; and an inspection unit configured to perform the malware inspection on the interested file determined to be the candidate file for the malware inspection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for detecting a malware in files, the method comprising:
-
obtaining from a file system information about a first time point when an interested folder is created by the file system and information about a second time point when an interested file is created in the interested folder by the file system; determining whether or not the interested file is a candidate file to be subjected to a malware inspection based on the information about the first and the second time point; and performing the malware inspection on the interested file determined to be the candidate file. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
Specification