Computer immune system and method for detecting unwanted code in a computer system
US7093239B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Aug 18, 2000 |
| Grant date | Aug 15, 2006 |
| Priority date | — |
| Expiry date | Aug 18, 2020 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/562
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An automated analysis system detects malicious code within a computer system by generating and subsequently analyzing a behavior pattern for each computer program introduced to the computer system. Generation of the behavior pattern is accomplished by a virtual machine invoked within the computer system. An initial analysis may be performed on the behavior pattern to identify infected programs on initial presentation of the program to the computer system. The analysis system also stores behavior patterns and sequences with their corresponding analysis results in a database. Newly infected programs can be detected by analyzing a newly generated behavior pattern for the program with reference to a stored behavior pattern to identify presence of an infection or payload pattern.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.