Malware management through kernel detection
US8190868B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Aug 7, 2006 |
| Grant date | May 29, 2012 |
| Priority date | — |
| Expiry date | Apr 6, 2029 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F21/566
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A system and method for managing pestware on a protected computer is described. The method in one variation includes starting a boot sequence that includes a period when boot drivers are initialized, initiating a kernel-level monitor during the period when boot drivers are initialized, monitoring events with the kernel-level monitor during the boot sequence, and managing pestware-related events with the kernel-level monitor before a period in the boot sequence when native applications are capable of running. In variations, a pestware management engine is initialized after an operating system of the protected computer is initialized, and the pestware management system both receives an event log of the monitored events and compiles the set of behavior rules utilized by the kernel-level monitor.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.