Agent Based Application Reputation System for Operating Systems

US 20140208425A1
Filed: 01/16/2014
Published: 07/24/2014
Est. Priority Date: 01/21/2013
Status: Active Grant

First Claim

Patent Images

1. A method for implementing a security agent on behalf of a device, the method comprising:

obtaining a list of applications installed on the device from a repository remote from the security agent and device;

for each respective application on the list, comparing reputation attributes obtained from a reputation database against attributes of the application installed on the device; and

for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, the security agent automatically uninstalling, from the device, the respective application that has been determined to be malicious;

wherein the security agent is not installed on the device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for implementing a security agent on behalf of a device, the method comprising: obtaining a list of applications installed on the device from a remote repository; for each respective application on the list, comparing reputation attributes obtained from a reputation database against attributes of the application installed on the device; and for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, taking action to limit malicious activity by the respective application installed on the device.

27 Citations

View as Search Results

19 Claims

1. A method for implementing a security agent on behalf of a device, the method comprising:
- obtaining a list of applications installed on the device from a repository remote from the security agent and device;
  
  for each respective application on the list, comparing reputation attributes obtained from a reputation database against attributes of the application installed on the device; and
  
  for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, the security agent automatically uninstalling, from the device, the respective application that has been determined to be malicious;
  
  wherein the security agent is not installed on the device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein the security agent obtains the list of applications installed on the device using security credentials provided by a user of the device.
  - 3. The method according to claim 2, wherein the security agent obtains the list of applications installed on the device from at least one of a virtual application store and a virtual social networking site from which the installed applications were downloaded to the device.
  - 4. The method according to claim 1, wherein the reputation attributes for each respective application on the list that are obtained from the reputation database comprise at least:
    - whether the respective application is malicious or safe;
      
      battery consumption due to execution of the respective application; and
      
      resources on the device that are accessed by the respective application.
  - 5. The method according to claim 4, wherein the reputation attributes are obtained from the reputation database by deriving a unique identifier for each respective application on the list and submitting each of the derived unique identifiers to the reputation database.

6. (canceled)

7. A computer readable memory storing a set of executable instructions for implementing a security agent on behalf of a device, the set of executable instructions comprising:
- code for obtaining a list of applications installed on the device;
  
  code for comparing, for each respective application on the list, reputation attributes obtained from a reputation database against attributes of the application installed on the device; and
  
  for any of the respective applications for which it is determined from executing the code for comparing that the application installed on the device is malicious, code for the security agent to automatically uninstall, from the device, the respective application that has been determined to be malicious.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The computer readable memory according to claim 7, wherein the code for obtaining operates to obtain the list of applications installed on the device using security credentials provided by a user of the device.
  - 9. The computer readable memory according to claim 8, wherein the code for obtaining operates to obtain the list of applications installed on the device from at least one of a virtual application store and a virtual social networking site from which the installed applications were downloaded to the device.
  - 10. The computer readable memory according to claim 7, wherein the reputation attributes for each respective application on the list that are obtained from the reputation database comprise at least:
    - whether the respective application is malicious or safe;
      
      battery consumption due to execution of the respective application; and
      
      resources on the device that are accessed by the respective application.
  - 11. The computer readable memory according to claim 10, wherein the reputation attributes are obtained from the reputation database by deriving a unique identifier for each respective application on the list and submitting each of the derived unique identifiers to the reputation database.

12. (canceled)

13. At least one security server comprising at least one memory storing a set of computer executable instructions and at least one processor, wherein the memory with the set of computer executable instructions is configured with the at least one processor to cause the security server to at least:
- obtain a list of applications installed on a device;
  
  for each respective application on the list, compare reputation attributes obtained from a reputation database against attributes of the application installed on the device; and
  
  for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, automatically uninstall from the device, via the security agent, the respective application that has been determined to be malicious.
- View Dependent Claims (14, 15, 16, 17, 19)
- - 14. The at least one security server according to claim 13, wherein the security agent obtains the list of applications installed on the device using security credentials provided by a user of the device.
  - 15. The at least one security server according to claim 14, wherein the security agent obtains the list of applications installed on the device from at least one of a virtual application store and a virtual social networking site from which the installed applications were downloaded to the device.
  - 16. The at least one security server according to claim 13, wherein the reputation attributes for each respective application on the list that are obtained from the reputation database comprise at least:
    - whether the respective application is malicious or safe;
      
      battery consumption due to execution of the respective application; and
      
      resources on the device that are accessed by the respective application.
  - 17. The at least one security server according to claim 16, wherein the reputation attributes are obtained from the reputation database by deriving a unique identifier for each respective application on the list and submitting each of the derived unique identifiers to the reputation database.
  - 19. The security server according to claim 13, wherein the set of computer executable instructions operate in conjunction with a security agent client application resident on the device to implement a personal cloud security service on behalf of the device using security credentials provided by a user of the device.

18. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Withsecure Corporation
Original Assignee
F-Secure Corporation (F-Secure Oyj)
Inventors
Palomaki, Pirkka

Granted Patent

US 8,918,888 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/565   by checking file integrity

G06F 21/567   using dedicated hardware

G06F 21/577   Assessing vulnerabilities a...

Agent Based Application Reputation System for Operating Systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Agent Based Application Reputation System for Operating Systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links