System and Method for Managing Malware Protection on Mobile Devices

Abstract

A system and method for providing malware protection on client mobile platforms in a mobile network. The system and method manages the malware scanning agents of the client mobile platforms from a management server using a device independent secure management protocol. The management server downloads new malware definitions to client mobile platforms and remotely initiates malware scanning on the client mobile platforms.

Description

CROSS REFERENCE TO RELATED APPLICATIONS[0001]This application claims the benefit of U.S. Application Nos. 60 / 789,766, filed Apr. 6, 2007; 60 / 789,748, filed Apr. 6, 2007; 60 / 789,749 filed Apr. 6, 2007; 60 / 789,746, filed Apr. 6, 2007; 60 / 789,744, filed Apr. 6, 2007; 60 / 789,745, filed Apr. 6, 2007; 60 / 789,743, filed Apr. 6, 2007; 60 / 789,958, filed Apr. 6, 2007; 60 / 824,649, filed Sep. 6, 2006; and 60 / 828,491, filed Oct. 6, 2006.TECHNICAL FIELD[0002]The present invention relates generally to systems, devices, and methods for detecting malware in mobile networks and mobile devices.BACKGROUND OF THE INVENTION[0003]Traditional malware signature detection methods extract signatures from an invariant portion of the actual executable part of a target application being scanned for malware. However, these detection methods present numerous problems when implemented in mobile networks and on mobile platforms.[0004]A major constraint of scanning within a network is fragmented data. Generally, mobi...

AI Technical Summary

Benefits of technology

[0022]It is possible to identify potential malware based on probability models derived from both code analysis and from monitoring the behavior of suspected malware on the mobile platform. In particular, code analysis and associated behavior are used to create feature sets and models of malware behavior. Notably, the system and method is successful in identifying new, never before seen malware without being resource intensive, thereby making it especially adaptable for use on mobile platforms.

[0023]The present invention also is a system and

Problems solved by technology

However, these detection methods present numerous problems when implemented in mobile networks and on mobile platforms.

Therefore, while scanning for malware, it is not possible to obtain the entire data corresponding to a malicious application because the malicious application may exist across multiple packages in a compressed format.

Also, it is cumbersome and time consuming to attempt to re-assemble and uncompress such data packets as they pass through the mobile network due to the latency these operations would introduce.

Also, comprehensive signature matching as a virus or malware detection method on memory-constrained devices, like mobile phones, is difficult to efficiently implement due to the need for a large database of identified malware signatures.

String matching is also processor intensive and results in a high computational tax on a mobile device wherein such mobile platforms have relatively low processing power such that large processing and memory requirements results in lowered performance and excessive battery drain.

Therefore, it is difficult to determine which file to scan for malwa

Images