Patent · US Active

System and method of detecting anomaly malicious code by using process behavior prediction technique

US8181248B2 · kind B2 · utility

104Cited by

1References

11Claims

0Family size

Assignee

KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY · KR

Inventors

HyungGeun OH · Daejeon, KR
Seung-Hyun Paek · Seojong-myeon, KR
Cheolho Lee · Busan, KR
Dohoon Lee · Jicheon-myeon, KR

Key dates

Filing date	Nov 21, 2007
Grant date	May 15, 2012
Priority date	—
Expiry date	Jan 21, 2030

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/56
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Provided are a pattern analyzing/detecting method and a system using the same that are capable of detecting and effectively preventing an unknown malicious code attack. To detect such an attack, the method monitors the system to combine all behaviors exhibited within the system due to corresponding malicious codes, reprocess and learn the behaviors, analyze existing malicious behavior feature values (prediction patterns), and compare them with a behavior pattern exhibited by an execution code.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.