Methods for combating malicious software
US8528087B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 27, 2006 |
| Grant date | Sep 3, 2013 |
| Priority date | — |
| Expiry date | Mar 1, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/566
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method for combating malware monitors all attempts by any software executing on a computer to write data to the computer's digital storage medium and records details of the attempts in a system database having a causal tree structure. The method also intercepts unauthorized attempts by executing objects to modify the memory allocated to other executing objects or to modify a selected set of protected objects stored on the digital storage medium, and may also intercept write attempts by executing objects that have a buffer overflow or that are executing in a data segment of memory. The method may include a procedure for switching the computer into a quasi-safe mode that disables all non-essential processes. Preferably, the database is automatically organized into software packages classified by malware threat level. Entire or packages or portions thereof may be easily selected and neutralized by a local or remote user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.