Patent · US Active

Systems and methods for locating malware

US8621632B1 · kind B1 · utility

2Cited by

1References

18Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Spencer Smith · El Segundo, US
Adam Glick · Culver City, US
Nicholas Graf · Austin, US

Key dates

Filing date	May 21, 2009
Grant date	Dec 31, 2013
Priority date	—
Expiry date	Apr 1, 2032

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A computer-implemented method for locating malware may include identifying a malicious behavior in a computing system. The computer-implemented method may also include determining that the malicious behavior arises from a set of interrelated executable objects. The computer-implemented method may further include identifying an executable object recently added to the set of interrelated executable objects. The computer-implemented method may additionally include attributing the malicious behavior to the recently added executable object based on when the recently added executable object was added to the set of interrelated executable objects. The computer-implemented method may also include performing a security action on the recently added executable object. Various other methods, systems, and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.