Methods and apparatus for dealing with malware
US8726389B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 8, 2012 |
| Grant date | May 13, 2014 |
| Priority date | — |
| Expiry date | Jul 8, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/577
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
In one aspect, a method of classifying a computer object as malware includes receiving at a base computer data about a computer object from each of plural remote computers on which the object or similar objects are stored. The data about the computer object received from the plural computers is compared in the base computer. The computer object is classified as malware on the basis of said comparison. In one embodiment, the data about the computer object includes one or more of: executable instructions contained within or constituted by the object; the size of the object; the name of the object; the logical storage location or path of the object on the respective remote computers; the vendor of the object; the software product and version associated with the object; and, events initiated by or involving the object when the object is created, configured or runs on the respective remote computers.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.