Determining application reputation based on deviations in security rating scores
US9894045B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 14, 2015 |
| Grant date | Feb 13, 2018 |
| Priority date | — |
| Expiry date | Mar 4, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The present disclosure relates to detecting security risks from application packages signed using a key based on differences detected between application packages. An example method generally includes calculating a difference score for a first application package signed using the key. The difference score may be based on differences detected between content of the first application package and content of one or more second application packages signed using the key. A computing system calculates an average difference score from the individual difference scores. Upon determining that the difference score for a specific application package of the second application packages exceeds the average difference score by a threshold amount, the computing system sets a reputation associated with the specific application package to an unknown reputation and generates an alert indicating that the specific application package is a potential security risk.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.