Systems and methods for malware detection and mitigation

  • US 9,686,293 B2
  • Filed: 02/23/2015
  • Issued: 06/20/2017
  • Est. Priority Date: 11/03/2011
  • Status: Active Grant
First Claim

1. A method for monitoring malware events in a computer networking environment, comprising the steps of:

    identifying a plurality of suspect objects including data about network transactions or computer operations suspected of being linked to a security risk;

    transmitting the plurality of suspect objects to an inspection service operating on one or more general purpose digital computers;

    inspecting the plurality of suspect objects using a plurality of inspection methods to create digital information about the nature of the potential threat posed by the plurality of suspect objects;

    transmitting said digital information to an analytical service operating on one or more general purpose digital computers;

    performing a plurality of analytical algorithms to categorize the plurality of suspect objects with one or more scores for each suspect object based on their security threat;

    transmitting said one or more scores to a correlation facility;

    aggregating the one or more scores, optionally with other information about each suspect objects, into the form of aggregate data representing one or more aggregate features of the plurality of suspect objects;

    determining that at least one of the plurality of suspect objects is a suspected security threat based at least on the one or more scores; and

    in response to determining that at least one of the plurality of suspect objects is a suspected security threat, generating an infection verification pack (IVP) including routines, the infection verification pack configured to be executed on an end-point machine within the computer networking environment that used or executed the suspected security threat.

  • 1 Assignment