Patent · US Active

System and method for detecting malicious use of a remote administration tool

US11978062B2 · kind B2 · utility

0Cited by

0References

24Claims

0Family size

Assignee

AO Kaspersky Lab · RU

Inventor

Sergey Ivanov · Moscow, RU

Key dates

Filing date	Jan 28, 2021
Grant date	May 7, 2024
Priority date	—
Expiry date	Feb 27, 2042

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/102
WIPO fieldIT methods for management
WIPO sectorElectrical engineering

Abstract

Disclosed herein are systems and methods for detecting malicious use of a remote administration tool. In one aspect, an exemplary method comprises, gathering, from a flow of events, data that comprises any number of keyboard entry events, wherein each event is related at least to actions indicating a keyboard entry and a context in which the event occurred, comparing the gathered keyboard entry events with signatures from a database, and when a match is found with at least one signature, identifying an activity which is a characteristic that indicates that the remote administration tool is being controlled remotely.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.