Patent · US Active

Detecting malicious use of computer resources by tasks running on a computer system

US9251345B2 · kind B2 · utility

3Cited by

19References

14Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Robert G. Freeman · Provo, US
Gunter Ollmann · Norcross, US

Key dates

Filing date	Nov 19, 2014
Grant date	Feb 2, 2016
Priority date	—
Expiry date	Nov 19, 2034

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2101
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.