Systems and methods for detecting malware
US8402539B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 8, 2011 |
| Grant date | Mar 19, 2013 |
| Priority date | — |
| Expiry date | Sep 27, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1416
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for detecting malware may include 1) receiving a request to determine whether a connection from a client device to a server is being blocked, 2) attempting to connect to the server from a kernel mode of the client device, 3) determining that the client device successfully connected to the server from the kernel mode, 4) attempting to connect to the server from a user mode of the client device, 5) determining that the client device did not successfully connect to the server from the user mode, 6) determining, based on the client device successfully connecting to the server from the kernel mode and failing to connect to the server from the user mode, that malware is blocking the connection from the client device to the server, and 7) in response to determining that the malware is blocking the connection, performing at least one security action.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.