Patent · US Active

Method and apparatus for detecting malware infection

US8955122B2 · kind B2 · utility

9Cited by

16References

16Claims

0Family size

Assignee

SRI International · US

Inventors

Guofei Gu · Atlanta, US
Phillip A. Porras · Menlo Park, US
Martin W. Fong · San Francisco, US

Key dates

Filing date	Apr 4, 2008
Grant date	Feb 10, 2015
Priority date	—
Expiry date	Mar 10, 2030

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/144
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

In one embodiment, the present invention is a method and apparatus for detecting malware infection. One embodiment of a method for detecting a malware infection at a local host in a network, includes monitoring communications between the local host and one or more entities external to the network, generating a dialog warning if the communications include a transaction indicative of a malware infection, declaring a malware infection if, within a predefined period of time, the dialog warnings includes at least one dialog warning indicating a transaction initiated at the local host and at least one dialog warning indicating an additional transaction indicative of a malware infection, and outputting an infection profile for the local host.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.