×

Anti-malware digital-signature verification

  • US 9,058,504 B1
  • Filed: 05/21/2013
  • Issued: 06/16/2015
  • Est. Priority Date: 05/21/2013
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for managing access to files and processes associated with an anti-malware application, comprising:

  • initializing a self-protection application, the self-protection application comprising instructions executed by a processor of a client device, the self protection application executing in kernel mode of an operating system of the client device;

    monitoring one or more processes executing on the client device;

    detecting, by the self-protection application executing in kernel mode, a process that is attempting to access a file or process associated with the anti-malware application;

    verifying a digital certificate contained within a digital signature associated with the detected process by comparing the digital certificate with a digital certificate copy obtained from a certificate authority;

    verifying a timestamp of a program associated with the detected process by comparing the timestamp of the program to a period of validity associated with the digital certificate;

    determining, by the self-protection application executing in kernel mode, whether the detected process is a trusted process based in part on verifying that the digital certificate matches the digital certificate copy and verifying that the timestamp of the program associated with the detected process is within the period of validity associated with the digital certificate, wherein the trusted process originates from applications authorized to access a file or process associated with the anti-malware application;

    determining whether to allow the detected process based at least in part on whether the process is a trusted; and

    allowing the detected process access to the file or process associated with the anti-malware application subject to the determining.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×