Patent · US Active

Malicious content analysis using simulated user interaction without user involvement

US9104867B1 · kind B1 · utility

284Cited by

125References

44Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Emmanuel Thioux · Santa Cruz, US
Muhammad Amin · Fremont, US
Darien Kindlund · Victorville, US
Alex Pilipenko · Belmont, US
Michael Vincent · Sunnyvale, US

Key dates

Filing date	Mar 13, 2013
Grant date	Aug 11, 2015
Priority date	—
Expiry date	Mar 26, 2033

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Techniques for detecting malicious content using simulated user interactions are described herein. In one embodiment, a monitoring module monitors activities of a malicious content suspect executed within a sandboxed operating environment. In response to detection of a predetermined event triggered by the malicious content suspect requesting a user action on a graphical user interface (GUI) presented by the malicious content suspect, simulating, a user interaction module simulates a user interaction with the GUI without user intervention. An analysis module analyzes activities of the malicious content suspect in response to the simulated user interaction to determine whether the malicious content suspect should be declared as malicious.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.