System and method for malicious software detection in multiple protocols
US8321936B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | May 30, 2008 |
| Grant date | Nov 27, 2012 |
| Priority date | — |
| Expiry date | Oct 11, 2030 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/0227
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A system and a method for detecting malicious content associated with an electronic message are described. An electronic message, such as an e-mail, a chat request, a torrent file or a text message is initially received. The electronic message can then be compared to known viruses using pattern or signature matching techniques. The electronic message is then transmitted to a virtual machine which executes the electronic message in an environment simulating the destination computing system of the electronic message. The virtual machine monitors execution of the electronic message to identify one or more malicious actions and classifies the electronic message accordingly. For example, message component execution is monitored for attempts to access system files, attempts to access user information, attempts to transmit system configuration data or attempts to transmit user information.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.