KR101928908B1 - Systems and methods for using a reputation indicator to facilitate malware scanning - Google Patents

Systems and methods for using a reputation indicator to facilitate malware scanning

Info

Publication number
KR101928908B1
Authority
KR
South Korea
Prior art keywords
module
reputation
malware
reputation indicator
scan
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020167008072A
Other languages
English (en)
Korean (ko)
Other versions
KR20160055826A (ko)
Inventor
Daniel-Alexandru Mircescu
Original Assignee
Bitdefender IPR Management Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bitdefender IPR Management Ltd.
Publication of KR20160055826A
Application granted
Publication of KR101928908B1
Current legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computing Systems (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
  • Stored Programmes (AREA)
  • User Interface Of Digital Computer (AREA)
KR1020167008072A 2013-09-27 2014-09-25 Systems and methods for using a reputation indicator to facilitate malware scanning Active KR101928908B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/040,430 US9117077B2 (en) 2013-09-27 2013-09-27 Systems and methods for using a reputation indicator to facilitate malware scanning
US14/040,430 2013-09-27
PCT/RO2014/000028 WO2015171007A1 (en) 2013-09-27 2014-09-25 Systems and methods for using a reputation indicator to facilitate malware scanning

Publications (2)

Publication Number Publication Date
KR20160055826A KR20160055826A (ko) 2016-05-18
KR101928908B1 KR101928908B1 (ko) 2018-12-13

Family

ID=52741557

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020167008072A Active KR101928908B1 (ko) Systems and methods for using a reputation indicator to facilitate malware scanning

Country Status (12)

Country Link
US (1) US9117077B2
EP (1) EP3049984B1
JP (1) JP6317434B2
KR (1) KR101928908B1
CN (1) CN105580022B
AU (1) AU2014393471B2
CA (1) CA2915806C
ES (1) ES2869400T3
IL (1) IL243431B
RU (1) RU2646352C2
SG (1) SG11201600064PA
WO (1) WO2015171007A1

Families Citing this family (42)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8935792B1 (en) * 2010-10-05 2015-01-13 Mcafee, Inc. System, method, and computer program product for conditionally performing an action based on an attribute
US10515214B1 (en) * 2013-09-30 2019-12-24 Fireeye, Inc. System and method for classifying malware within content created during analysis of a specimen
US9262635B2 (en) * 2014-02-05 2016-02-16 Fireeye, Inc. Detection efficacy of virtual machine-based analysis with application specific events
US9223972B1 (en) 2014-03-31 2015-12-29 Fireeye, Inc. Dynamically remote tuning of a malware content detection system
US10735550B2 (en) * 2014-04-30 2020-08-04 Webroot Inc. Smart caching based on reputation information
US9386031B2 (en) * 2014-09-12 2016-07-05 AO Kaspersky Lab System and method for detection of targeted attacks
FR3027130B1 (fr) * 2014-10-14 2016-12-30 Airbus Operations Sas Automatic integration of data relating to a maintenance operation
US10834109B2 (en) 2014-12-23 2020-11-10 Mcafee, Llc Determining a reputation for a process
US10083295B2 (en) * 2014-12-23 2018-09-25 Mcafee, Llc System and method to combine multiple reputations
US9948649B1 (en) * 2014-12-30 2018-04-17 Juniper Networks, Inc. Internet address filtering based on a local database
DE102015215362A1 (de) * 2015-08-12 2017-02-16 Robert Bosch Gmbh Method for setting at least one parameter of a handheld power tool
GB2546984B (en) 2016-02-02 2020-09-23 F Secure Corp Preventing clean files being used by malware
US10678919B2 (en) * 2016-02-19 2020-06-09 Secureworks Corp. System and method for detecting and monitoring process creation
TWI599905B (zh) * 2016-05-23 2017-09-21 Wistron Corporation Malicious code protection method, system and monitoring device
US10282546B1 (en) * 2016-06-21 2019-05-07 Symatec Corporation Systems and methods for detecting malware based on event dependencies
US10073968B1 (en) * 2016-06-24 2018-09-11 Symantec Corporation Systems and methods for classifying files
KR20180024524A (ko) * 2016-08-30 2018-03-08 WINS Co., Ltd. Reputation-based blocking apparatus and method using network traffic analysis
US10922604B2 (en) * 2016-09-09 2021-02-16 Cylance Inc. Training a machine learning model for analysis of instruction sequences
US11074494B2 (en) 2016-09-09 2021-07-27 Cylance Inc. Machine learning model for analysis of instruction sequences
US10476900B2 (en) * 2016-09-30 2019-11-12 McAFEE, LLC. Safe sharing of sensitive data
US10237293B2 (en) * 2016-10-27 2019-03-19 Bitdefender IPR Management Ltd. Dynamic reputation indicator for optimizing computer security operations
US10223536B2 (en) * 2016-12-29 2019-03-05 Paypal, Inc. Device monitoring policy
CN108804914B (zh) * 2017-05-03 2021-07-16 Tencent Technology (Shenzhen) Co., Ltd. Method and apparatus for abnormal data detection
US10873589B2 (en) 2017-08-08 2020-12-22 Sonicwall Inc. Real-time prevention of malicious content via dynamic analysis
US10929539B2 (en) * 2017-08-11 2021-02-23 Nec Corporation Automated software safeness categorization with installation lineage and hybrid information sources
CN107682315B (zh) * 2017-09-05 2020-11-06 Hangzhou DPtech Technologies Co., Ltd. Method and apparatus for setting an SQL injection attack detection mode
US11151252B2 (en) 2017-10-13 2021-10-19 Sonicwall Inc. Just in time memory analysis for malware detection
US11086985B2 (en) * 2017-12-04 2021-08-10 Microsoft Technology Licensing, Llc Binary authorization based on both file and package attributes
US10685110B2 (en) 2017-12-29 2020-06-16 Sonicwall Inc. Detection of exploitative program code
US10902122B2 (en) * 2018-01-31 2021-01-26 Sonicwall Inc. Just in time memory analysis for malware detection
US11232201B2 (en) 2018-05-14 2022-01-25 Sonicwall Inc. Cloud based just in time memory analysis for malware detection
US11374977B2 (en) * 2018-09-20 2022-06-28 Forcepoint Llc Endpoint risk-based network protection
US11636198B1 (en) * 2019-03-30 2023-04-25 Fireeye Security Holdings Us Llc System and method for cybersecurity analyzer update and concurrent management system
US11481482B2 (en) * 2019-09-09 2022-10-25 Mcafee, Llc Securing an application framework from shared library sideload vulnerabilities
US11093612B2 (en) * 2019-10-17 2021-08-17 International Business Machines Corporation Maintaining system security
US11675901B2 (en) * 2020-12-22 2023-06-13 Mcafee, Llc Malware detection from operating system event tracing
CN113282469B (zh) * 2021-04-30 2025-02-18 Perfect World Holding Group Co., Ltd. Application performance detection method, system, storage medium and computing device
US11647002B2 (en) * 2021-08-09 2023-05-09 Oversec, Uab Providing a notification system in a virtual private network
US12461768B2 (en) * 2022-02-16 2025-11-04 Sysdig, Inc. Configuring metric collection based on application information
US12153713B1 (en) * 2022-03-23 2024-11-26 Gen Digital Inc. Systems and methods for protecting user data privacy by detecting the extension of tracker coverage of website browsing sessions through indirect data disclosure
KR102560431B1 (ko) * 2022-09-21 2023-07-27 SecuLetter Co., Ltd. Method for inspecting malicious behavior of a child process and apparatus therefor
US12314392B2 (en) * 2022-10-26 2025-05-27 Bitdefender IPR Management Ltd. Stacked malware detector for mobile platforms

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040083381A1 (en) 2002-10-24 2004-04-29 Sobel William E. Antivirus scanning in a hard-linked environment
US20110185429A1 (en) 2010-01-27 2011-07-28 Mcafee, Inc. Method and system for proactive detection of malicious shared libraries via a remote reputation system
US8225406B1 (en) 2009-03-31 2012-07-17 Symantec Corporation Systems and methods for using reputation data to detect shared-object-based security threats
US8495705B1 (en) 2010-04-20 2013-07-23 Symantec Corporation Systems and methods for reputation-based application of data-loss prevention policies

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6931540B1 (en) 2000-05-31 2005-08-16 Networks Associates Technology, Inc. System, method and computer program product for selecting virus detection actions based on a process by which files are being accessed
US7991902B2 (en) * 2006-12-08 2011-08-02 Microsoft Corporation Reputation-based authorization decisions
US8302196B2 (en) * 2007-03-20 2012-10-30 Microsoft Corporation Combining assessment models and client targeting to identify network security vulnerabilities
US7392544B1 (en) 2007-12-18 2008-06-24 Kaspersky Lab, Zao Method and system for anti-malware scanning with variable scan settings
US8001606B1 (en) 2009-06-30 2011-08-16 Symantec Corporation Malware detection using a white list
US9147071B2 (en) 2010-07-20 2015-09-29 Mcafee, Inc. System and method for proactive detection of malware device drivers via kernel forensic behavioral monitoring and a back-end reputation system
US8863291B2 (en) * 2011-01-20 2014-10-14 Microsoft Corporation Reputation checking of executable programs
US8327441B2 (en) 2011-02-17 2012-12-04 Taasera, Inc. System and method for application attestation
US9262624B2 (en) 2011-09-16 2016-02-16 Mcafee, Inc. Device-tailored whitelists
RU2011138462A (ru) * 2011-09-20 2013-04-10 Kaspersky Lab ZAO Use of user decisions to detect unknown computer threats
US20130254880A1 (en) * 2012-03-21 2013-09-26 Mcafee, Inc. System and method for crowdsourcing of mobile application reputations

Also Published As

Publication number Publication date
CA2915806C (en) 2020-08-18
ES2869400T3 (es) 2021-10-25
AU2014393471A1 (en) 2016-02-04
RU2646352C2 (ru) 2018-03-02
CN105580022B (zh) 2019-06-21
HK1219790A1 (zh) 2017-04-13
RU2016115859A (ru) 2017-10-30
JP2016538614A (ja) 2016-12-08
EP3049984B1 (en) 2021-03-10
CN105580022A (zh) 2016-05-11
SG11201600064PA (en) 2016-02-26
AU2014393471B2 (en) 2019-06-27
WO2015171007A1 (en) 2015-11-12
US20150096018A1 (en) 2015-04-02
EP3049984A1 (en) 2016-08-03
IL243431B (en) 2018-11-29
JP6317434B2 (ja) 2018-04-25
KR20160055826A (ko) 2016-05-18
US9117077B2 (en) 2015-08-25
CA2915806A1 (en) 2015-11-12

Similar Documents

Publication Publication Date Title
KR101928908B1 (ko) Systems and methods for using a reputation indicator to facilitate malware scanning
KR102116573B1 (ko) Dynamic reputation indicator for optimizing computer security operations
US8918878B2 (en) Restoration of file damage caused by malware
JP6196393B2 (ja) Systems and methods for optimizing scans of pre-installed applications
US11263309B2 (en) Block device signature-based integrity protection for containerized applications
US7665139B1 (en) Method and apparatus to detect and prevent malicious changes to tokens
KR20180032566A (ko) Systems and methods for tracking malicious behavior across multiple software entities
CN105393255A (zh) Process evaluation for malware detection in virtual machines
HK40004203B (en) Dynamic reputation indicator for optimizing computer security operations
HK1219790B (zh) Systems and methods for using a reputation indicator to facilitate malware scanning
HK40004203A (en) Dynamic reputation indicator for optimizing computer security operations

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20160325

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
PA0201 Request for examination

Patent event code: PA02012R01D

Patent event date: 20180921

Comment text: Request for Examination of Application

PA0302 Request for accelerated examination

Patent event date: 20180921

Patent event code: PA03022R01D

Comment text: Request for Accelerated Examination

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

Comment text: Notification of reason for refusal

Patent event date: 20181112

Patent event code: PE09021S01D

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

Patent event code: PE07011S01D

Comment text: Decision to Grant Registration

Patent event date: 20181204

PR0701 Registration of establishment

Comment text: Registration of Establishment

Patent event date: 20181207

Patent event code: PR07011E01D

PR1002 Payment of registration fee

Payment date: 20181210

End annual number: 3

Start annual number: 1

PG1601 Publication of registration
PR1001 Payment of annual fee

Payment date: 20211125

Start annual number: 4

End annual number: 4

PR1001 Payment of annual fee

Payment date: 20221125

Start annual number: 5

End annual number: 5