Detection of file modifications performed by malicious codes
Number of patents in Portfolio can not be more than 2000
United States of America Patent
Stats
-
Jan 8, 2013
Grant Date -
N/A
app pub date -
Sep 1, 2010
filing date -
Sep 1, 2010
priority date (Note) -
In Force
status (Latency Note)
Importance
Abstract
File modifications performed by malicious codes are detected by detecting a file modification for an original file before the file modification is performed on the original file. In response to detecting the file modification, a corresponding shadow file is created. The shadow file represents the original file as modified by the file modification. Before allowing the file modification to be performed on the original file, the original file is compared to the shadow file to determine if the file modification is being performed by malicious codes. The file modification may be deemed to be performed by malicious codes when the file modification involves, for example, entry point append, entry point prepend, entry point obfuscation, cavity, overwriting, or mal-tattoo.
First Claim
Family
International Classification(s)
Cited Art Landscape
Patent Citation Ranking
Advertisement
Advertisement
Advertisement
Recipient Email Address
Recipient Email Address
Comment
Recipient Email Address
Add to Portfolio(s)
To add this patent to one, or more, of your portfolios, simply click the add button.
This Patent is in these Portfolios:
Add to additional portfolios:
Last Refreshed On:
Changes done successfully