Patent · US Active

Method, apparatus and system for detecting malicious process behavior

US9842208B2 · kind B2 · utility

0Cited by

14References

20Claims

0Family size

Assignee

BAIDU ONLINE NETWORK TECHNOLOGY (BEIJING) CO., LTD. · CN

Inventors

Yinming Mei · Beijing, CN
Yizhi XIE · Beijing, CN
Huaming Yue · Beijing, CN
Hanzhong Hu · Chelmsford, US
Tingli Bi · Beijing, CN

Key dates

Filing date	Dec 29, 2014
Grant date	Dec 12, 2017
Priority date	—
Expiry date	Jan 2, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04W12/68
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method, apparatus and system for detecting a malicious process behavior. A detection apparatus monitors a process to obtain behavior information about a target process behavior, and then sends the behavior information to a server, which determines whether the target process behavior is a malicious process behavior. The detection apparatus can receive first operation indication information returned by the server according to a detection result of the target process behavior, and perform an operation on the target process behavior according to the first operation indication information. The target process behavior is subjected to a comprehensive detection by the server according to the behavior information, rather than depending on a specified feature analysis of a single sample of the target process behavior by the detection apparatus, so that malicious process behavior can be detected in time, thereby improving the security performance of the system.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.