Evaluating installers and installer payloads
US10476894B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 17, 2016 |
| Grant date | Nov 12, 2019 |
| Priority date | — |
| Expiry date | Feb 17, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A reputation of an installer may be determined based on contextual information including its source (e.g., its publisher), a cryptographic signature or certificate, a process that carried out its download, a user that initiated its download, whether the installer has been previously vetted by a security policy, and so forth. A corresponding reputation may then be inferred for each of the computer objects contained within the installer, such that the reputation remains with the computer objects if/when they are unpacked on an endpoint. Each of the computer objects may then be unpacked for individual analysis (e.g., a static analysis) regarding each object's compliance with a security policy, thereby producing a second reputation for each computer object. A decision whether to execute the installer/objects, e.g., during an installation process, may then be made by reconciling the reputation of the installer and the second reputation for each computer object.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.