Patent · US Active

Malicious content analysis using simulated user interaction without user involvement

US10848521B1 · kind B1 · utility

17Cited by

352References

32Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Emmanuel Thioux · Santa Cruz, US
Muhammad Amin · Fremont, US
Darien Kindlund · Victorville, US
Alex Pilpenko · Belmont, US
Michael Vincent · Sunnyvale, US

Key dates

Filing date	Mar 5, 2018
Grant date	Nov 24, 2020
Priority date	—
Expiry date	Mar 5, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Techniques for detecting malicious content using simulated user interactions are described herein. In one embodiment, a monitoring module monitors activities of a malicious content suspect executed within a sandboxed operating environment. In response to detection of a predetermined event triggered by the malicious content suspect requesting a user action on a graphical user interface (GUI) presented by the malicious content suspect, simulating, a user interaction module simulates a user interaction with the GUI without user intervention. An analysis module analyzes activities of the malicious content suspect in response to the simulated user interaction to determine whether the malicious content suspect should be declared as malicious.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.