×

Runtime risk detection based on user, application, and system action sequence correlation

DC CAFC
  • US 8,850,517 B2
  • Filed: 01/15/2013
  • Issued: 09/30/2014
  • Est. Priority Date: 01/15/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method for assessing runtime risk for an application program that executes on a device, comprising:

  • storing, in a rules database, a plurality of rules, wherein each rule identifies an action sequence;

    storing, in a policy database, a plurality of assessment policies, wherein each assessment policy includes at least one rule of the plurality of rules;

    identifying, using at least one assessment policy, a runtime risk for an application program that executes on a device, wherein the identified runtime risk indicates a risk or threat of the identified action sequence of the application; and

    identifying, by a runtime monitor including a processing device, a behavior score for the application program that executes on the device based on the identified runtime risk, whereinthe action sequence is a sequence of at least two performed actions, andeach performed action is at least one of;

    a user action, an application action, and a system action.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×