Method for malware removal based on network signatures and file system artifacts
US8191147B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 24, 2008 |
| Grant date | May 29, 2012 |
| Priority date | — |
| Expiry date | Nov 18, 2030 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/1416
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A network communication corresponding to a malicious network signature associated with malicious code is detected on a host computer system. A determination is made whether or not the malicious network signature is validated as associated with a non-malicious code process. Upon a determination that the malicious network signature is not validated, the corresponding network communication is blocked, and the associated malicious code is located on the host computer system and removed from the host computer system. In some embodiments, the host computer system is further evaluated for the presence of residual artifacts of the malicious code on the host computer system.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.