Patent · US Active

Malicious/benign computational behavior detection using parametric behavioral pattern definition

US11907370B2 · kind B2 · utility

1Cited by

2References

16Claims

0Family size

Assignee

CrowdStrike, Inc. · US

Inventors

David F. Diehl · Akron, US
Daniel W. Brown · Beverly, US
Aaron Javan Marks · Warminster, US
Kirby Koster · Almonte, CA
Daniel T. Martin · Clemmons, US

Key dates

Filing date	Sep 11, 2020
Grant date	Feb 20, 2024
Priority date	—
Expiry date	Aug 20, 2041

Classification

Technology area (CPC G)Physics
CPC primaryG06N20/00
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A security agent implemented on a monitored computing device is described herein. The security agent has access to parametric behavioral pattern definitions that, in combination with canonical patterns of behavior, configure the security agent to match observed behavior with known computing behavior that is benign or malignant. This arrangement of the definitions and the pattern of behavior allow the security agent's behavior to be updated by a remote security service without updating a configuration of the security agent. The remote security service can create, modify, and disseminate these definitions and patterns of behavior, giving the security agent real-time ability to respond to new behaviors exhibited by the monitored computing device.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.