System and method of caching decisions on when to scan for malware
US7882561B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 31, 2005 |
| Grant date | Feb 1, 2011 |
| Priority date | — |
| Expiry date | May 23, 2028 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/564
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
In accordance with this invention, a system, method, and computer-readable medium that selectively scans files stored on a computing device for malware is provided. One aspect of the present invention includes identifying files that need to be scanned for malware when a software update that includes a malware signature is received. More specifically, attributes of the new malware are identified by searching metadata associated with the malware. Then, the method searches a scan cache and determines whether each file with an entry in the scan cache is the type that may be infected by the malware. If a file is the type that may be infected by the malware, the file is scanned for malware when a scanning event such as an I/O request occurs. Conversely, if the file is not the type that may be infected by the malware, the file may be accessed without a scan being performed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.