Patent · US Active

File-system-independent malicious content detection

US7917481B1 · kind B1 · utility

30Cited by

7References

9Claims

0Family size

Assignee

Symantec Operating Corporation · US

Inventors

Sanjay Ramchandra Kale · Pune, IN
Kuldeep Sureshrao Nagarkar · Pune, IN
Abhay Harishchandra Marode · Jamkhed, IN
Michael Spertus · Chicago, US

Key dates

Filing date	Sep 28, 2006
Grant date	Mar 29, 2011
Priority date	—
Expiry date	Dec 28, 2026

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/562
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The present invention enables a large number of files to be processed for evidence of malicious content, independently of the file system that maintains the files. The processed files can be obtained from live data or a point-in-time copy (e.g., a snapshot) of the data, based on mapping information that maps the files to the physical storage device. In one embodiment, a method involves accessing mapping information corresponding to a set of data. The mapping information maps at least a portion of a file to a physical storage location. The portion of the file can be read from the physical storage location using the mapping information, without accessing a file system. The portion of the file can then be analyzed for evidence of malicious content.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.