Backwards researching activity indicative of pestware
US8719932B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 6, 2012 |
| Grant date | May 6, 2014 |
| Priority date | — |
| Expiry date | Oct 26, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/56
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system and method for researching an identity of a source of activity that is indicative of pestware is described. In one embodiment the method comprises monitoring, using a kernel-mode driver, API call activity on the computer; storing information related to the API call activity in a log; analyzing, heuristically, the API call activity to determine whether one or more weighted factors associated with the API call activity exceeds a threshold; identifying, based upon the API call activity, a suspected pestware object on the computer; identifying, in response to the identifying the suspected pestware object, a reference to an identity of an externally networked source of the suspected pestware object; and reporting the identity of the externally networked source to an externally networked pestware research entity.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.