Detecting malicious use of computer resources by tasks running on a computer system
US8931096B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 9, 2011 |
| Grant date | Jan 6, 2015 |
| Priority date | — |
| Expiry date | Jan 13, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2101
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.