Patent · US Active

Systems and methods for detecting malicious processes by analyzing process names and process characteristics

US8176555B1 · kind B1 · utility

Cited by: 15
References: 1
Claims: 18
Family size: 0

Assignee

Inventors

Key dates

Filing date: May 30, 2008
Grant date: May 8, 2012
Priority date
Expiry date: Mar 9, 2031

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/566
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A computer-implemented method for detecting a malicious process using file-name heuristics may comprise: 1) identifying a process, 2) identifying a process name for the process, 3) identifying a list of process names for non-malicious processes, and 4) determining, by comparing the process name for the process with the list of process names for non-malicious processes, whether to allow the process to execute. A method for maintaining a database containing information about non-malicious processes is also disclosed. Corresponding systems and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.