Patent · US Active

Systems and methods for automatically detecting backdoors

US8990944B1 · kind B1 · utility

300Cited by

177References

39Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Abhishek Singh · Redmond, US
Jayaraman Manni · San Jose, US

Key dates

Filing date	Feb 23, 2013
Grant date	Mar 24, 2015
Priority date	—
Expiry date	Nov 8, 2033

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/577
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Techniques for detecting malicious attacks may monitor activities during execution of content (e.g., network downloads and email) to identify an instruction backdoor on a computer. An instruction backdoor is malware that opens a port for listening for instructions from a remote server. Such instructions may trigger activation of malicious activity. These techniques employ virtual machines that, in a controlled and monitored environment, permit content, when loaded and executed, to open ports. When those ports are not the authorized ones used for communications by known programs installed on the computer, an instruction backdoor is discovered.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.