Systems and methods for determining types of malware infections on computing devices
US9838405B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 20, 2015 |
| Grant date | Dec 5, 2017 |
| Priority date | — |
| Expiry date | Feb 3, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2101
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The disclosed computer-implemented method for determining types of malware infections on computing devices may include (1) identifying multiple types of security events generated by a group of endpoint devices that describe suspicious activities on the endpoint devices, each of the endpoint devices having one or more types of malware infections, (2) determining correlations between each type of security event generated by the group of endpoint devices and each type of malware infection within the group of endpoint devices, (3) identifying a set of security events generated on a target endpoint device that potentially has a malware infection, and (4) detecting, based on both the set of security events generated on the target endpoint device and the correlations between the types of malware infections and the types of security events, at least one type of malware infection likely present on the target endpoint device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.