Patent · US Active

Endpoint malware detection using an event graph

US10489588B2 · kind B2 · utility

7Cited by

21References

20Claims

0Family size

Assignee

Sophos Limited · GB

Inventors

Beata Ladnai · Altrincham, GB
Mark David Harris · Banbury, GB
Andrew J. Thomas · Woodstock, GB
Andrew G. P. Smith · North Hinksey, GB
Russell Humphries · Redmond, US

Key dates

Filing date	Mar 19, 2018
Grant date	Nov 26, 2019
Priority date	—
Expiry date	Mar 19, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2101
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A data recorder stores endpoint activity on an ongoing basis as sequences of events that causally relate computer objects such as processes and files, and patterns within this event graph can be used to detect the presence of malware on the endpoint. The underlying recording process may be dynamically adjusted in order to vary the amount and location of recording as the security state of the endpoint changes over time.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.