Asynchronous processing of events for malware detection
The present invention provides a system, method and computer program product for malware detection based on the behavior of applications running on a computer system, including: asynchronous processing of system events for malware threat analyses using application filters; analyzing events using heu...
Saved in:
Main Authors | , |
---|---|
Format | Patent |
Language | Chinese English |
Published |
16.03.2011
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The present invention provides a system, method and computer program product for malware detection based on the behavior of applications running on a computer system, including: asynchronous processing of system events for malware threat analyses using application filters; analyzing events using heuristic and signature data; analyzing applications behavior and detecting abnormal behavior of ''clean'' applications; automatically classifying applications (i.e., detecting new versions) based on behavior analysis; automatically analyzing the reliability of web sites based on behavior triggered by the web site accesses; in enterprise networks, detecting abnormalities in configuration of user computer systems; recognizing a user by his behavior profile and using the profile for an automatic configuration of user applications. |
---|---|
Bibliography: | Application Number: CN201010226191 |