In-the-cloud sandbox for inspecting mobile applications for malicious content

US 8,966,632 B1
Filed: 02/17/2012
Issued: 02/24/2015
Est. Priority Date: 02/17/2012
Status: Active Grant

First Claim

Patent Images

1. A method of inspecting mobile applications for malicious content, the method comprising:

receiving a request from a mobile device running a mobile operating system to inspect a particular mobile application for malicious content;

in response to receiving the request, receiving the particular mobile application from a mobile application source, installing the particular mobile application in a virtual machine sandbox running in a cloud computer system, and inspecting the particular mobile application for malicious content while the particular mobile application is executing in the virtual machine sandbox; and

sending a result of inspecting the particular mobile application for malicious content to the mobile device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A low resource mobile device, such as a smart phone or a tablet running a mobile operating system, requests a cloud computer system to inspect a mobile application for malicious content. The cloud computer system downloads the mobile application from a mobile application source, and installs the mobile application in a virtual machine sandbox. The cloud computer system inspects the mobile application for malicious content while the mobile application executes in the virtual machines sandbox. The result of the inspection is sent to the user in accordance with a setting that may be indicated in a cloud sandbox agent running on the mobile device.

51 Citations

View as Search Results

20 Claims

1. A method of inspecting mobile applications for malicious content, the method comprising:
- receiving a request from a mobile device running a mobile operating system to inspect a particular mobile application for malicious content;
  
  in response to receiving the request, receiving the particular mobile application from a mobile application source, installing the particular mobile application in a virtual machine sandbox running in a cloud computer system, and inspecting the particular mobile application for malicious content while the particular mobile application is executing in the virtual machine sandbox; and
  
  sending a result of inspecting the particular mobile application for malicious content to the mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein the mobile device comprises a smart phone running the mobile operating system.
  - 3. The method of claim 1 wherein the mobile device comprises a tablet running the mobile operating system.
  - 4. The method of claim 1 wherein the result of inspecting the particular mobile application for malicious content is sent to the mobile device in accordance with a setting of the cloud sandbox agent running on the mobile device.
  - 5. The method of claim 4 wherein the setting of the cloud sandbox agent indicates sending the result of inspecting the particular mobile application for malicious content by e-mail.
  - 6. The method of claim 1 wherein the particular mobile application is inspected for computer viruses.
  - 7. The method of claim 1 further comprising:
    - consulting a cache for a result of a previous inspection of the particular mobile application for malicious content prior to installing the particular mobile application in the virtual machine sandbox.
  - 8. The method of claim 1 wherein the request from the mobile device includes a setting on how the result of inspecting the particular mobile application for malicious content will be received by the mobile device.

9. A system for inspecting mobile applications for malicious content, the system comprising:
- a mobile device configured to send a request to inspect a particular mobile application for malicious content, the mobile device running a mobile operating system;
  
  a mobile application source storing the particular mobile application; and
  
  the cloud computer system comprising one or more computers configured to receive from the mobile device the request to inspect the particular mobile application for malicious content, the cloud computer system being configured in response to the request to download the particular mobile application from the mobile application source over a computer network, to install the particular mobile application in a virtual machine sandbox, to inspect the particular mobile application for malicious content while the particular mobile application is executing in the virtual machine sandbox, and to forward to the mobile device a result of the inspection of the particular mobile application for malicious content.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9 wherein the mobile device comprises a smart phone running the mobile operating system.
  - 11. The system of claim 9 wherein the mobile device comprises a tablet running the mobile operating system.
  - 12. The system of claim 9 wherein the cloud computer system forwards the result of the inspection of the particular mobile application for malicious content in accordance with a setting on a cloud sandbox agent running on the mobile device.
  - 13. The system of claim 9 wherein the setting on the cloud sandbox agent running on the mobile device indicates sending the result of the inspection of the particular mobile application for malicious content to the mobile device by e-mail.
  - 14. The system of claim 9 wherein the setting on the cloud sandbox agent running on the mobile device indicates sending the result of the inspection of the particular mobile application for malicious content to the mobile device by smart messaging service.
  - 15. The system of claim 9 wherein the cloud computer system is further configured to consult a cache to determine if the particular mobile application has been previously inspected for malicious content.

16. A method of inspecting mobile applications for malicious content, the method comprising:
- a smart phone sending a request to inspect a particular mobile application for malicious content to a cloud computer system;
  
  in response to receiving the request to inspect the particular mobile application for malicious content, the cloud computer system downloading the particular mobile application from a mobile application source over a computer network, installing the particular mobile application in a virtual machine sandbox, inspecting the particular mobile application for malicious content while the particular mobile application is executing in the virtual machine sandbox, and sending a result of inspecting the particular mobile application for malicious content to the smart phone.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16 wherein the cloud computer system sends the result of inspecting the particular mobile application for malicious content by e-mail.
  - 18. The method of claim 16 wherein the cloud computer system sends the result of inspecting the particular mobile application for malicious content in accordance with a setting of a cloud sandbox agent running on the smart phone.
  - 19. The method of claim 16 wherein the particular mobile application is inspected for computer viruses.
  - 20. The method of claim 16 further comprising:
    - prior to installing the particular mobile application in the virtual machine sandbox, the cloud computer system consulting a cache for a result of a previous inspection of the particular mobile application for malicious content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trend Micro Inc.
Original Assignee
Trend Micro Inc.
Inventors
Yang, Shun-Fa, Su, Chung-Tsai, Twu, Geng Hwang, Liu, Haoping, Huang, Huaide
Primary Examiner(s)
Eskandarnia, Arvin

Application Number

US13/399,179
Time in Patent Office

1,103 Days
Field of Search

726/24
US Class Current

726/24
CPC Class Codes

G06F 21/53 by executing in a restricte...

G06F 21/566 Dynamic detection, i.e. det...

In-the-cloud sandbox for inspecting mobile applications for malicious content

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

51 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

In-the-cloud sandbox for inspecting mobile applications for malicious content

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others