Patent application number | Description | Published |
20120210422 | METHOD AND APPARATUS FOR DETECTING MALICIOUS SOFTWARE USING GENERIC SIGNATURES - Novel methods, components, and systems for automatically detecting malicious software are presented. More specifically, we describe methods, components, and systems for the automated deployment of generic signatures to detect malicious software. (Typically, generic signature creation and deployment require more extensive manual processes.) The disclosed invention provides a significant improvement with regard to automation compared to previous approaches. | 08-16-2012 |
20120210423 | METHOD AND APPARATUS FOR DETECTING MALICIOUS SOFTWARE THROUGH CONTEXTUAL CONVICTIONS, GENERIC SIGNATURES AND MACHINE LEARNING TECHNIQUES - Novel methods, components, and systems that enhance traditional techniques for detecting malicious software are presented. More specifically, methods, components, and systems that use important contextual information from a client system (such as recent history of events on that system), machine learning techniques, the automated deployment of generic signatures, and combinations thereof, to detect malicious software. The disclosed invention provides a significant improvement with regard to automation compared to previous approaches. | 08-16-2012 |
20120227105 | METHOD AND APPARATUS FOR DETECTING MALICIOUS SOFTWARE USING MACHINE LEARNING TECHNIQUES - Novel methods, components, and systems for detecting malicious software in a proactive manner are presented. More specifically, we describe methods, components, and systems that leverage machine learning techniques to detect malicious software. The disclosed invention provides a significant improvement with regard to detection capabilities compared to previous approaches. | 09-06-2012 |
20130139261 | METHOD AND APPARATUS FOR DETECTING MALICIOUS SOFTWARE THROUGH CONTEXTUAL CONVICTIONS - Novel methods, components, and systems that enhance traditional techniques for detecting malicious software are presented. More specifically, we describe methods, components, and systems that leverage important contextual information from a client system (such as recent history of events on that system) to detect malicious software that might have otherwise gone ignored. The disclosed invention provides a significant improvement with regard to detection capabilities compared to previous approaches. | 05-30-2013 |
20130276114 | METHOD AND APPARATUS FOR RETROACTIVELY DETECTING MALICIOUS OR OTHERWISE UNDESIRABLE SOFTWARE - A system for retroactively detecting malicious software on an end user system without performing expensive cross-referencing directly on the endpoint device. A client provides a server with information about files that are on it together with what it knows about these files. The server tracks this information and cross-references it against new intelligence it gathers on clean or malicious files. If a discrepancy is found (i.e., a file that had been called malicious, but that is actually benign or vice versa), the server informs the client, which in turn takes an appropriate action based on this information. | 10-17-2013 |
20140165203 | Method and Apparatus for Retroactively Detecting Malicious or Otherwise Undesirable Software As Well As Clean Software Through Intelligent Rescanning - The present invention relates to the security of general purpose computing devices, such as laptop or desktop PCs, and more specifically to the detection of malicious software (malware) on a general purpose computing device. A challenge in detecting malicious software is that files are typically scanned for the presence of malicious intent only once (and subsequent rescanning is typically performed in a simplistic manner). Existing methods in the art do not address how to most effectively rescan collections of files in a way that tries to optimize performance and efficacy. Accordingly we present novel methods, components, and systems for intelligently rescanning file collections and thereby enabling retroactive detection of malicious software and also retroactive identification of clean software. These methods may also be useful if additional information is now available regarding a file that might be useful to an end-user or an administrator, even though the file's core disposition might not have changed. More specifically, we describe methods, components, and systems that perform data analytics to intelligently rescan file collections for the purpose of retroactively identifying malware and retroactively identifying clean files. The disclosed invention provides a significant improvement with regard to efficacy and performance compared to previous approaches. | 06-12-2014 |
20140188986 | Method and Apparatus for Identifying Computing Resource Trajectory - The present invention relates to the security of general purpose computing devices, such as laptop or desktop PCs, and more specifically to the detection of malicious software (malware) on a general purpose computing device. A challenge in maintaining a plurality of computing systems is that it may be required to have visibility into the extensive collection of computing related resources located across those systems as well as information about resources together with their behaviors and evolutions within those systems. Examples of such resources include files, file names, registry keys, entries in network communications logs, etc. Accordingly, we present novel methods, components, and systems for keeping track of information about these resources and presenting this information to an ultimate end user. More specifically, we describe methods, components, and systems that perform data analytics on system data to obtain and report upon resource trajectory information, such as when particular resources were seen in an environment, the actions associated with those resources, and other resources related to those original resources. If a particular resource is believed to be malicious or otherwise undesirable, then it can be determined which systems that resource is on, how it arrived on those systems, what it did on those systems as well as what resources are related to the original resource, and as such what might need to be removed from those systems to restore them to a more desirable state. Through the disclosed invention, system administrators will be better able to determine how to more effectively address issues related to the presence of those resources. | 07-03-2014 |
20150026810 | Method and Apparatus for Detecting Malicious Software Using Machine Learning Techniques - Novel methods, components, and systems for detecting malicious software in a proactive manner are presented. More specifically, we describe methods, components, and systems that leverage machine learning techniques to detect malicious software. The disclosed invention provides a significant improvement with regard to detection capabilities compared to previous approaches. | 01-22-2015 |