Systems and methods for detecting malicious digitally-signed applications
US8756432B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | May 22, 2012 |
| Grant date | Jun 17, 2014 |
| Priority date | — |
| Expiry date | May 22, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/565
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computer-implemented method for detecting malicious digitally-signed applications. The method may include 1) identifying an application package file that has been digitally signed, wherein the application package file is used to distribute an application, 2) comparing the application package file to a set of known application package files, 3) determining that the application package file has been repackaged from a known application package file, 4) comparing a public key associated with a digital signature of the application package file to a public key associated with a digital signature of the known application package file, 5) determining that the public key associated with the digital signature of the application package file and the public key associated with the digital signature of the known application package file are different, and 6) performing a security action on the application. Various other methods, systems, and computer-readable media are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.