Patent · US Active

Malware detection and identification using deviations in one or more operating parameters

US10162963B2 · kind B2 · utility

0Cited by

0References

18Claims

0Family size

Assignee

LENOVO ENTERPRISE SOLUTIONS (SINGAPORE) PTE. LTD. · SG

Inventors

Paul T. Artman · Austin, US
Gary D. Cudak · Creedmoor, US
Tristian T. Brown · Raleigh, US
Christopher L. Wood · Austin, US

Key dates

Filing date	Mar 30, 2016
Grant date	Dec 25, 2018
Priority date	—
Expiry date	Sep 13, 2036

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/566
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method is provided for detecting malware, such as a virus or spyware. The method looks for deviations expected operating parameters instead of focusing solely on conventional malware signatures. The method includes monitoring current operating parameters for a computing system running one or more application, obtaining baseline operating parameters for the computing system running the one or more application in the absence of malware, identifying a deviation between the current operating parameters and the baseline operating parameters, and determining whether the identified deviation matches a deviation associated with a predetermined malware definition.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.