ES2463265R1 - Look ahead malware scanning - Google Patents
Look ahead malware scanning
- Publication number
- ES2463265R1
- Authority
- ES
- Spain
- Prior art keywords
- files
- malicious software
- application
- scanning
- groups
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Quality & Reliability (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Abstract
According to a first aspect of the present invention, there is provided a method of scanning for malware during execution of an application on a computer system. The method comprises detecting accesses by the application to files within a common directory, using the detected accesses to identify one or more groups of files within said common directory that the application may subsequently want to access, and scanning said one or more groups of files for malware before the application attempts to access the files of the group or groups.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/068610 | 2011-05-16 | ||
US13/068,610 US8726388B2 (en) | 2011-05-16 | 2011-05-16 | Look ahead malware scanning |
PCT/EP2012/055733 WO2012156143A1 (en) | 2011-05-16 | 2012-03-29 | Look ahead malware scanning |
Publications (3)
Publication Number | Publication Date |
---|---|
ES2463265A2 (es) | 2014-05-27 |
ES2463265R1 (es) | 2014-09-04 |
ES2463265B1 (es) | 2015-06-02 |
Family
ID=45937341
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
ES201390092A Active ES2463265B1 (es) | Look ahead malware scanning | 2011-05-16 | 2012-03-29 |
Country Status (7)
Country | Link |
---|---|
US (1) | US8726388B2 (es) |
BR (1) | BR112013029404A2 (es) |
DE (1) | DE112012002106B4 (es) |
ES (1) | ES2463265B1 (es) |
RO (1) | RO130379B1 (es) |
RU (1) | RU2621608C2 (es) |
WO (1) | WO2012156143A1 (es) |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9679137B2 (en) * | 2006-09-27 | 2017-06-13 | Hewlett-Packard Development Company, L.P. | Anti-viral scanning in Network Attached Storage |
US8127358B1 (en) * | 2007-05-30 | 2012-02-28 | Trend Micro Incorporated | Thin client for computer security applications |
WO2013141545A1 (ko) * | 2012-03-21 | 2013-09-26 | 삼성에스디에스 주식회사 | Anti-malware system and data processing method in the system |
US11126720B2 (en) | 2012-09-26 | 2021-09-21 | Bluvector, Inc. | System and method for automated machine-learning, zero-day malware detection |
US9292688B2 (en) | 2012-09-26 | 2016-03-22 | Northrop Grumman Systems Corporation | System and method for automated machine-learning, zero-day malware detection |
CN103780589A (zh) * | 2012-10-24 | 2014-05-07 | 腾讯科技(深圳)有限公司 | Virus prompting method, client device and server |
GB2517483B (en) * | 2013-08-22 | 2015-07-22 | F Secure Corp | Detecting file encrypting malware |
US9323929B2 (en) * | 2013-11-26 | 2016-04-26 | Qualcomm Incorporated | Pre-identifying probable malicious rootkit behavior using behavioral contracts |
CN103810428B (zh) * | 2014-02-24 | 2017-05-24 | 珠海市君天电子科技有限公司 | Macro virus detection method and device |
US9710648B2 (en) * | 2014-08-11 | 2017-07-18 | Sentinel Labs Israel Ltd. | Method of malware detection and system thereof |
CN104199894A (zh) * | 2014-08-25 | 2014-12-10 | 百度在线网络技术(北京)有限公司 | File scanning method and device |
WO2016081346A1 (en) | 2014-11-21 | 2016-05-26 | Northrup Grumman Systems Corporation | System and method for network data characterization |
US11023449B2 (en) * | 2014-12-19 | 2021-06-01 | EMC IP Holding Company LLC | Method and system to search logs that contain a massive number of entries |
US9715589B2 (en) | 2015-01-23 | 2017-07-25 | Red Hat, Inc. | Operating system consistency and malware protection |
US10032023B1 (en) * | 2016-03-25 | 2018-07-24 | Symantec Corporation | Systems and methods for selectively applying malware signatures |
US10200395B1 (en) * | 2016-03-30 | 2019-02-05 | Symantec Corporation | Systems and methods for automated whitelisting of files |
US10248787B1 (en) * | 2016-12-20 | 2019-04-02 | Symantec Corporation | Systems and methods for determining reputations of files |
US10511631B2 (en) | 2017-01-25 | 2019-12-17 | Microsoft Technology Licensing, Llc | Safe data access through any data channel |
EP3376424B1 (en) * | 2017-03-14 | 2021-05-05 | VirusTotal SLU | Scanning files using antivirus software |
CN109361643B (zh) * | 2018-06-22 | 2021-05-25 | 中国移动通信集团广东有限公司 | Method for in-depth tracing of the source of malicious samples |
RU2726878C1 (ru) * | 2019-04-15 | 2020-07-16 | Акционерное общество "Лаборатория Касперского" | Method for accelerating a full antivirus scan of files on a mobile device |
US11210395B2 (en) * | 2019-09-13 | 2021-12-28 | EMC IP Holding Company LLC | Filename-based malware pre-scanning |
US11288391B2 (en) | 2019-09-13 | 2022-03-29 | EMC IP Holding Company LLC | Filename-based malware pre-scanning |
CN113468119A (zh) * | 2021-05-31 | 2021-10-01 | 北京明朝万达科技股份有限公司 | File scanning method and apparatus |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008068240A1 (en) * | 2006-12-07 | 2008-06-12 | International Business Machines Corporation | On demand virus scan |
US7681237B1 (en) * | 2004-05-13 | 2010-03-16 | Symantec Corporation | Semi-synchronous scanning of modified files in real time |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6968461B1 (en) * | 2000-10-03 | 2005-11-22 | Networks Associates Technology, Inc. | Providing break points in a malware scanning operation |
US7424706B2 (en) * | 2003-07-16 | 2008-09-09 | Microsoft Corporation | Automatic detection and patching of vulnerable files |
GB0418066D0 (en) * | 2004-08-13 | 2004-09-15 | Ibm | A prioritization system |
US8037527B2 (en) * | 2004-11-08 | 2011-10-11 | Bt Web Solutions, Llc | Method and apparatus for look-ahead security scanning |
US8254858B2 (en) * | 2007-12-21 | 2012-08-28 | Hewlett-Packard Development Company, L.P. | Techniques to manage power based on motion detection |
GB2469322B (en) * | 2009-04-09 | 2014-04-16 | F Secure Oyj | Malware determination |
US8745743B2 (en) | 2009-06-09 | 2014-06-03 | F-Secure Oyj | Anti-virus trusted files database |
US8468602B2 (en) * | 2010-03-08 | 2013-06-18 | Raytheon Company | System and method for host-level malware detection |
-
2011
- 2011-05-16 US US13/068,610 patent/US8726388B2/en active Active
-
2012
- 2012-03-29 ES ES201390092A patent/ES2463265B1/es active Active
- 2012-03-29 DE DE112012002106.1T patent/DE112012002106B4/de active Active
- 2012-03-29 RU RU2013154735A patent/RU2621608C2/ru active
- 2012-03-29 WO PCT/EP2012/055733 patent/WO2012156143A1/en active Application Filing
- 2012-03-29 RO ROA201300848A patent/RO130379B1/ro unknown
- 2012-03-29 BR BR112013029404A patent/BR112013029404A2/pt not_active Application Discontinuation
Also Published As
Publication number | Publication date |
---|---|
BR112013029404A2 (pt) | 2017-01-31 |
US8726388B2 (en) | 2014-05-13 |
RO130379B1 (ro) | 2020-05-29 |
US20120297486A1 (en) | 2012-11-22 |
RU2621608C2 (ru) | 2017-06-06 |
ES2463265A2 (es) | 2014-05-27 |
RU2013154735A (ru) | 2015-06-27 |
DE112012002106T5 (de) | 2014-02-13 |
DE112012002106B4 (de) | 2023-06-15 |
RO130379A2 (ro) | 2015-06-30 |
ES2463265B1 (es) | 2015-06-02 |
WO2012156143A1 (en) | 2012-11-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ES2463265B1 (es) | Look ahead malware scanning | |
CL2014002998A1 (es) | Method for exchanging data between two client devices, comprising storing one or more programs on a computer, obtaining a data acquisition request from the first device, identifying the second device, issuing a second request, obtaining the search parameter from the second device, and providing at least one search result; system; storage medium. | |
BR112016024774A2 (pt) | Website creation system implementable on a computing device, and method implementable on a computing device | |
AR102688A1 (es) | Identity infrastructure as a service | |
BR112015014808A2 (pt) | System and method for determining smartphone location | |
CL2014002859A1 (es) | Method and system for using negative examples of words in a speech recognition system, in which the method comprises defining a set of words, identifying a set of negative examples of said words, performing keyword recognition on said sets, determining confidence values of words in said sets, identifying at least one candidate word from said set of words, comparing confidence values, accepting the candidate word. | |
CL2016000555A1 (es) | Inquiry command termination in flash memories | |
DK3191993T3 (da) | Detection of repeat expansions with short-read sequencing data | |
WO2012067867A3 (en) | Registration for system level search user interface | |
BR112015005115A2 (pt) | Welding tractor; method for circumferentially welding at least one cylindrical object; process; welding system | |
GB2505104A (en) | Malware detection | |
BR112014001992A2 (pt) | Method, system, and one or more computer-readable storage media | |
FR2990020B1 (fr) | Capacitive detection device with arrangement of connecting tracks, and method implementing such a device. | |
AR092514A1 (es) | Information processing apparatus, information processing method and information processing program | |
BR112015022133A8 (pt) | Method, computer-readable media and system relating to thematic repositories for transaction management | |
BR112014016042A2 (pt) | Method, one or more computer-readable storage media, and system | |
EA201391095A1 (ru) | Pipe damage interpretation system | |
BR112014027595A2 (pt) | Fiber-optic shape sensing method; computer-executable storage medium; and shape sensing system | |
CL2014002211A1 (es) | System for determining a property of an object comprising an induction arrangement for generating a fluid pulse, a detector for detecting the physical vibration of the object, a processor coupled to the detector for determining the property of the object; method for determining a property of an object; and a valve. | |
BR112014029104A2 (pt) | Information processing system, method executed by information processing system, and non-transitory computer-readable medium. | |
BR112017025197A2 (pt) | Method and system for tracking target items | |
BR112014017936A8 (pt) | Fossil recognition apparatus, systems and methods | |
BR112015002559A2 (pt) | Imaging method; non-transitory storage medium storing instructions executable by an electronic data processing device; and apparatus. | |
BR112014008453A2 (pt) | Automatic code generation for automatic collection of collaborative data | |
AR085648A1 (es) | Kit and method for marking and/or detecting fuel alteration |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FG2A | Definitive protection |
Ref document number: 2463265 Country of ref document: ES Kind code of ref document: B1 Effective date: 20150602 |
|
PC2A | Transfer of patent |
Owner name: WITHSECURE CORPORATION Effective date: 20220908 |