Heuristic detection malicious code blacklist updating and protection system and method
US8225405B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 29, 2009 |
| Grant date | Jul 17, 2012 |
| Priority date | — |
| Expiry date | Mar 30, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/205
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Unknown malicious code is heuristically detected on a host computer system. A virus signature for the malicious code is created locally on the host computer system. A blacklist on the host computer system is updated with the virus signature for the heuristically detected malicious code. Accordingly, the blacklist is updated with the virus signature of the heuristically detected malicious code without distribution of the virus signature to the general public. Further, the host computer system is scanned for other instances of the heuristically detected malicious code using the created virus signature. Accordingly, file based detection and remediation of the malicious code is achieved without requiring execution of the malicious code for detection and the associated risks.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.