Patent · US Active

Malicious/benign computational behavior detection using canonic patterns of behavior

US10803172B2 · kind B2 · utility

1Cited by

5References

21Claims

0Family size

Assignee

CrowdStrike, Inc. · US

Inventors

David F. Diehl · Akron, US
Daniel W. Brown · Beverly, US
Aaron Javon Marks · Warminster, US
Kirby Koster · Almonte, CA
Daniel T. Martin · Clemmons, US

Key dates

Filing date	May 2, 2017
Grant date	Oct 13, 2020
Priority date	—
Expiry date	Jun 9, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06N20/00
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A security agent implemented on a monitored computing device is described herein. The security agent has access to parametric behavioral pattern definitions that, in combination with canonical patterns of behavior, configure the security agent to match observed behavior with known computing behavior that is benign or malignant. This arrangement of the definitions and the pattern of behavior allow the security agent's behavior to be updated by a remote security service without updating a configuration of the security agent. The remote security service can create, modify, and disseminate these definitions and patterns of behavior, giving the security agent real-time ability to respond to new behaviors exhibited by the monitored computing device.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.