Malicious mobile code runtime monitoring system and methods

CAFC
  • US 9,189,621 B2
  • Filed: 02/11/2015
  • Issued: 11/17/2015
  • Est. Priority Date: 11/08/1996
  • Status: Expired due to Fees
First Claim
Patent Images

1. A system for determining whether a downloadable is suspicious, comprising:

  • at least one processor for accessing elements stored in at least one memory associated with the at least one processor and for executing instructions associated with the elements, the elements including;

    a plurality of operating system probes operating substantially in parallel for monitoring a plurality of subsystems of the operating system during runtime for an event caused from a request made by a downloadable;

    an interrupter for interrupting processing of the request;

    a first comparator coupled to the plurality of operating system probes for comparing information pertaining to the downloadable against a predetermined security policy, wherein the information pertaining to the downloadable includes information pertaining to an operation of the downloadable and distinct from information pertaining to the request; and

    a response engine for performing a predetermined responsive action based on the comparison.

View all claims
    ×
    ×

    Thank you for your feedback

    ×
    ×