发明名称 |
Systems and methods for preventing chronic false positives |
摘要 |
A computer-implemented method for preventing chronic false positives may include (1) whitelisting a file based on a challenge notification that challenges a classification of the file as insecure, (2) obtaining attribute information about the file, (3) identifying, by analyzing the attribute information, a primitive that identifies a source of origin for the file, (4) determining, based on an analysis of files that originate from the source of origin, that the source of origin identified by the primitive is trustworthy, and (5) adjusting, based on the determination that the source of origin identified by the primitive is trustworthy, a security policy associated with the primitive to prevent future false positives for other files that originate from the source of origin. Various other methods, systems, and computer-readable media are also disclosed. |
申请公布号 |
US9171152(B1) |
申请公布日期 |
2015.10.27 |
申请号 |
US201414273510 |
申请日期 |
2014.05.08 |
申请人 |
Symantec Corporation |
发明人 |
Wilhelm Jeffrey;Chen Joseph |
分类号 |
G06F7/00;G06F12/14;G06F21/55 |
主分类号 |
G06F7/00 |
代理机构 |
ALG Intellectual Property, LLC |
代理人 |
ALG Intellectual Property, LLC |
主权项 |
1. A computer-implemented method for preventing chronic false positives, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
whitelisting a file based on a challenge notification that challenges a classification of the file as insecure; obtaining attribute information about the file; identifying, by analyzing the attribute information, a primitive that identifies a source of origin for the file; determining, based on an analysis of files that originate from the source of origin, that the source of origin identified by the primitive is trustworthy; adjusting, based on the determination that the source of origin identified by the primitive is trustworthy, a security policy associated with the primitive to prevent future false positives for other files that originate from the source of origin. |
地址 |
Mountain View CA US |