| 发明名称 | Malware detection | ||
| 摘要 | According to a first aspect of the present invention there is provided a method of detecting malware in a mobile telecommunications device 101. In the method, maintaining a database 109 of legitimate applications and their respective expected behaviors, identifying legitimate applications running on the device 101, monitoring the behavior of the device 101, comparing this monitored behavior with that expected according to the database 109 for those legitimate applications identified as running on the device 101, and analyzing deviations from the expected behavior of the device 101 to identify the potential presence of malware. | ||
| 申请公布号 | US8844038(B2) | 申请公布日期 | 2014.09.23 |
| 申请号 | US200912459966 | 申请日期 | 2009.07.09 |
| 申请人 | F-Secure Oyj | 发明人 | Niemelä Jarno |
| 分类号 | H04L29/06;G06F21/55;G06F21/56;H04W24/08 | 主分类号 | H04L29/06 |
| 代理机构 | Harrington & Smith | 代理人 | Harrington & Smith |
| 主权项 | 1. A method of detecting malware in a mobile telecommunications device, the method comprising: maintaining a database of legitimate applications and respective expected behaviours of the legitimate applications; identifying legitimate applications running on the device; monitoring behaviour of the device, the monitored behaviour comprising the sending and receiving of data traffic via a network connection, comparing the monitored behaviour with expected behaviours of the device according to the database for the legitimate applications identified as running on the device; analysing deviations from the expected behaviours of the device to identify potential presence of malware; and in the event that analyzing deviations identifies data traffic is being uploaded to a website when no web browser is running on the device, identifying the upload of the data traffic to the website as indicative of the presence of malware. | ||
| 地址 | Helsinki FI | ||