Patent · US Active

Early detection of potential malware

US8627475B2 · kind B2 · utility

37Cited by

2References

20Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Shawn D. Loveland · Sammamish, US
John J. Lambert · Seattle, US
Darren Ernest Canavor · Redmond, US
Ryan Colvin · Bothell, US

Key dates

Filing date	Apr 8, 2010
Grant date	Jan 7, 2014
Priority date	—
Expiry date	Apr 25, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/552
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Evidence of attempted malware attacks may be used to identify the location and nature of future attacks. A failed attack may cause a program to crash. Crash data may be sent to an analyzer for analysis. The analysis may reveal information such as the identity of the program that is being exploited, the specific way in which the program is being exploited, and the identity or location of the source of the attack. This information may be used to identify potential sources of attack and to identify the same type of attack from other sources. When the source and/or nature of an attempted attack is known, remedial action may be taken. Filters may warn users who are attempting to visit sites from which attacks have been attempted, and the makers of programs that are being exploited can be notified so that those program makers can release updates.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.