Patent · US Active

System and method for detection of complex malware

US8042186B1 · kind B1 · utility

Cited by: 88
References: 11
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Apr 28, 2011
Grant date: Oct 18, 2011
Priority date
Expiry date: Apr 28, 2031

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/552
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Disclosed are systems, methods and computer program products for detection of malware with complex infection patterns. The system provides enhanced protection against malware by identifying potentially harmful software objects, monitoring execution of various processes and threads of potentially harmful objects, compiling contexts of events of execution of the monitored processes and threads, and merging contexts of related processes and threads. Based on the analysis of the individual and merged object contexts using malware behavior rules, the system allows detection of malicious objects that have simple and complex behavior patterns.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.