Patent · US Active

Computer forensic system

US8584241B1 · kind B1 · utility

Cited by: 35
References: 0
Claims: 15
Family size: 0

Assignee

Inventors

Key dates

Filing date: Aug 11, 2010
Grant date: Nov 12, 2013
Priority date
Expiry date: Oct 15, 2031

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/566
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A method for processing and analyzing live and off-line physical memory in order to determine the presence, and initiate the removal, of malware from the system. The internal structures within the host operating system, the drivers, and the user-space executables can be utilized to self-verify the integrity of the processes, their related structures, and the binary execution paths residing on the system. Additionally, these same characteristics are employed for use in comparison with other baseline malicious and benign datasets as well as datasets from live systems to automatically identify malware and remove it from a targeted computer system.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.