Computer system analysis method and apparatus

A technology for the relationship between computers and objects, applied in the direction of platform integrity maintenance, etc., can solve problems such as slow engine

Active Publication Date: 2013-06-26
WITHSECURE CORP (A K A WITHSECURE OYJ)
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] While there may always be room for pattern recognition-based antivirus engines (i.e., engines that look for malware "fingerprints"), these engines are still slow and reactive rather than proactive, since the antivirus engine must either know or Patterns representing malware can be predicted

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Computer system analysis method and apparatus
  • Computer system analysis method and apparatus
  • Computer system analysis method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The malware scanning method described herein is given with respect to a computer system comprising one or more central servers and a plurality of client computers. Client computers communicate with the central server via the Internet. Those skilled in the art will readily recognize other computer system architectures that may employ this method.

[0027] An application on a client computer typically includes: a set of related objects, including at least data files, directories, and registry information (the latter including the application's configuration and settings) - a desktop shortcut to the application executable; storing the application executable in directory where other apps and libraries live; the app registry points to the location of data files and other executables that the app needs to run. The set of related objects and their relationships can be thought of as the application's "dependency network".

[0028] It should be understood that regardless of ob...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method of analysing a computer on which are installed a plurality of applications each comprising a set of inter-related objects. The method first comprises identifying a local dependency network for each of one or more of said applications, a local dependency network comprising at least a set of object paths and inter-object relationships. The (or each) local application dependency network is then compared against a database of known application dependency networks to determine whether the application associated with the local dependency network is known. The results of the comparison are then used to identify malware and/or orphan objects.

Description

technical field [0001] The present invention relates to a method and a device for analyzing a computer system, in particular to a method and a device for analyzing an application installed on a computer system. In particular but not necessarily, the present invention relates to methods and apparatus for using said analysis in the detection and removal of malware and also in system optimization. Background technique [0002] Malware, short for malicious software, is a term used to denote any software designed to infiltrate or damage a computer system without the user's consent. Malware can include computer viruses, worms, Trojan horses, rootkits and spyware. To prevent problems associated with malware infections, many end users utilize anti-virus software to detect and possibly remove malware. [0003] After being installed on a user's system, malware often avoids detection by mimicking the file names of common and / or common existing legitimate software. An example of this...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/56
Inventor 帕威尔·特尔宾
Owner WITHSECURE CORP (A K A WITHSECURE OYJ)
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap