Patent · US Active

Endpoint malware detection using an event graph

US9928366B2 · kind B2 · utility

44Cited by

16References

26Claims

0Family size

Assignee

Sophos Limited · GB

Inventors

Beata Ladnai · Altrincham, GB
Mark David Harris · Banbury, GB
Andrew J. Thomas · Woodstock, GB
Andrew G. P. Smith · North Hinksey, GB
Russell Humphries · Redmond, US

Key dates

Filing date	Apr 11, 2017
Grant date	Mar 27, 2018
Priority date	—
Expiry date	Apr 11, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2101
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A data recorder stores endpoint activity on an ongoing basis as sequences of events that causally relate computer objects such as processes and files, and patterns within this event graph can be used to detect the presence of malware on the endpoint. The underlying recording process may be dynamically adjusted in order to vary the amount and location of recording as the security state of the endpoint changes over time.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.