Patent · US Active

Systems and methods for determining if a process is a malicious process

US8615805B1 · kind B1 · utility

3Cited by

2References

14Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Mark Obrecht · Austin, US
Shane Pereira · Bellevue, US

Key dates

Filing date	Sep 3, 2008
Grant date	Dec 24, 2013
Priority date	—
Expiry date	Mar 10, 2032

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method for classifying a process that modifies a registry attribute is described. At least one attribute associated with a registry is monitored. A determination is made that the at least one attribute has been modified. The process that modified the at least one attribute is identified. One or more characteristics of the identified process is evaluated. The identified process is classified based on the evaluation of the one or more characteristics of the identified process.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.