ANTI-MALWARE DEVICE, ANTI-MALWARE SYSTEM, ANTI-MALWARE METHOD, AND RECORDING MEDIUM IN WHICH ANTI-MALWARE PROGRAM IS STORED
First Claim
1. An anti-malware device comprising:
- a storage unit configured to store risk information in which there are associated a value indicating an attribution of a first information processing device configured to execute software, a value indicating an attribution of the software, and a value that depends on the attributions of the first information processing device and the software and that indicates a degree of risk when the software is executed by the first information processing device;
a subject attribution collection unit configured to collect the value indicating the attribution of the first information processing device from outside;
a object attribution collection unit configured to collect the value indicating the attribution of the software from outside; and
a determination unit configured to determine that the software is malware when the value indicating the degree of risk satisfies a criterion, the value being obtained by comparing the risk information with the values collected by the subject attribution collection unit and the object attribution collection unit.
1 Assignment
0 Petitions
Accused Products
Abstract
An anti-malware device 50 includes: a risk information storage unit 51 in which risk information 510 is stored, in which there are associated a value indicating an attribution of an information processing device 60 for executing software 600, a value indicating an attribution of the software 600, and a value that indicates the degree of risk when the software 600 is executed; a subject attribution collection unit 53 for collecting the value indicating the attribution of the information processing device 60; an object attribution collection unit 54 for collecting the value indicating the attribution of the software 600; and a determination unit 55 for determining that the software 600 is malware when the value indicating the degree of risk obtained by comparing the risk information 510 and the values collected by the subject attribution collection unit 53 and object attribution collection unit 54 satisfies a criterion.
-
Citations
21 Claims
-
1. An anti-malware device comprising:
-
a storage unit configured to store risk information in which there are associated a value indicating an attribution of a first information processing device configured to execute software, a value indicating an attribution of the software, and a value that depends on the attributions of the first information processing device and the software and that indicates a degree of risk when the software is executed by the first information processing device; a subject attribution collection unit configured to collect the value indicating the attribution of the first information processing device from outside; a object attribution collection unit configured to collect the value indicating the attribution of the software from outside; and a determination unit configured to determine that the software is malware when the value indicating the degree of risk satisfies a criterion, the value being obtained by comparing the risk information with the values collected by the subject attribution collection unit and the object attribution collection unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An anti-malware system comprising:
-
an anti-malware device including; a storage unit configured to store risk information in which there are associated a value indicating an attribution of a first information processing device configured to execute software, a value indicating an attribution of the software, and a value that depends on the attributions of the first information processing device and the software and that indicates a degree of risk when the software is executed by the first information processing device; a subject attribution collection unit configured to collect the value indicating the attribution of the first information processing device from outside; an object attribution collection unit configured to collect the value indicating the attribution of the software from outside; and a determination unit configured to determine that the software is malware when the value indicating the degree of risk satisfies a criterion, the value being obtained by comparing the risk information with the values collected by the subject attribution collection unit and the object attribution collection unit; and the first information processing device and the second information processing device.
-
-
16. An anti-malware method comprising, when storage unit stores risk information in which there are associated a value indicating an attribution of a first information processing device configured to execute software, a value indicating an attribution of the software, and a value that depends on the attributions of the first information processing device and the software and that indicates a degree of risk when the software is executed by the first information processing device:
-
by a third information processing device, collecting the value indicating the attribution of the first information processing device from outside; collecting the value indicating the attribution of the software from outside; and determining that the software is malware when the value indicating the degree of risk satisfies a criterion, the value being obtained by comparing the risk information with the values collected, indicating the attribution of the first information processing device and the attribution of the software. - View Dependent Claims (17, 18)
-
-
19. A non-transitory computer readable recording medium storing an anti-malware program for causing a computer accessible to storage unit for storing risk information in which there are associated a value indicating an attribution of a first information processing device configured to execute software, a value indicating an attribution of the software, and a value that depends on the attributions of the first information processing device and the software and that indicates a degree of risk when the software is executed by the first information processing device, to execute:
-
a subject attribution collection process of collecting the value indicating the attribution of the first information processing device from outside; an object attribution collection process of collecting the value indicating the attribution of the software from outside; and a determination process of determining that the software is malware when the value indicating the degree of risk satisfies a criterion, the value being obtained by comparing the risk information with the values collected in the subject attribution collection process and the object attribution collection process. - View Dependent Claims (20, 21)
-
Specification