Agent based application reputation system for operating systems
First Claim
Patent Images
1. A method for implementing a security agent on behalf of a device, the method comprising:
- obtaining, by a processor, a list of applications installed on the device from a repository remote from the security agent and device, wherein the repository is located on another device independent from the security agent and the device;
for each respective application on the list, comparing reputation attributes obtained from a reputation database against attributes of the application installed on the device; and
for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, taking action to limit malicious activity by the respective application installed on the device;
wherein the security agent is not installed on the device.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for implementing a security agent on behalf of a device, the method comprising: obtaining a list of applications installed on the device from a remote repository; for each respective application on the list, comparing reputation attributes obtained from a reputation database against attributes of the application installed on the device; and for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, taking action to limit malicious activity by the respective application installed on the device.
6 Citations
16 Claims
-
1. A method for implementing a security agent on behalf of a device, the method comprising:
-
obtaining, by a processor, a list of applications installed on the device from a repository remote from the security agent and device, wherein the repository is located on another device independent from the security agent and the device; for each respective application on the list, comparing reputation attributes obtained from a reputation database against attributes of the application installed on the device; and for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, taking action to limit malicious activity by the respective application installed on the device; wherein the security agent is not installed on the device. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer readable memory storing a set of executable instructions for implementing a security agent on behalf of a device, the set of executable instructions comprising:
-
code for obtaining, by a processor, a list of applications installed on the device from a repository remote from the security agent and the device, wherein the repository is located on another device independent from the security agent and the device; code for comparing, for each respective application on the list, reputation attributes obtained from a reputation database against attributes of the application installed on the device; and for any of the respective applications for which it is determined from executing the code for comparing that the application installed on the device is malicious, code for taking action to limit malicious activity by the respective application installed on the device. - View Dependent Claims (7, 8, 9, 10)
-
-
11. At least one security server comprising at least one memory storing a set of computer executable instructions and at least one processor, wherein the memory with the set of computer executable instructions is configured with the at least one processor to cause the security server to at least:
-
obtain, by the processor, a list of applications installed on a device from a repository remote from the security server and the device, wherein the repository is located on another device independent from the security server and the device; for each respective application on the list, compare reputation attributes obtained from a reputation database against attributes of the application installed on the device; and for any of the respective applications for which it is determined from the comparing that the application installed on the device is malicious, take action to limit malicious activity by the respective application installed on the device. - View Dependent Claims (12, 13, 14, 15, 16)
-
Specification