Malware detection using internal malware detection operations
US9413782B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 27, 2015 |
| Grant date | Aug 9, 2016 |
| Priority date | — |
| Expiry date | Jan 27, 2035 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1416
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system may determine to perform an internal malware detection operation to detect malware executing on a client device. The system may perform the internal malware detection operation. The internal malware detection operation may be performed locally on a particular device without requiring communication with another device. The system may modify an environment executing on the particular device, to form a modified environment, based on performing the internal malware detection operation. The system may monitor the modified environment for a particular behavior indicative of a malware infection. The system may detect that the particular behavior has occurred. The system may provide a notification that the client device is infected with malware based on detecting that the particular behavior has occurred. The notification may cause one or more network devices to block network traffic to or from the client device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.