| 发明名称 | Detecting surreptitious spyware | ||
| 摘要 | Tools and techniques are provided for detecting a particular type of spyware. Network activities and user update activities are monitored automatically, and the results are analyzed to identify related processes which perform network transmissions without performing substantive user updates. These processes are identified to a user and/or an administrator as potential spyware, and are then quarantined or otherwise handled based on instructions received from the user or administrator. In some cases, the monitoring and analysis begins with selection of a group of processes to monitor, while in other cases it begins with monitoring of network and/or user update activities in order to narrow the group of suspect processes. Devices, configured media, and method products are also described. | ||
| 申请公布号 | US8826427(B2) | 申请公布日期 | 2014.09.02 |
| 申请号 | US201213344897 | 申请日期 | 2012.01.06 |
| 申请人 | Goldpark Foundation L.L.C. | 发明人 | Ogilvie John W. |
| 分类号 | G06F11/00 | 主分类号 | G06F11/00 |
| 代理机构 | McAndrews, Held & Malloy, Ltd. | 代理人 | McAndrews, Held & Malloy, Ltd. |
| 主权项 | 1. A method, comprising: monitoring, with a user device, whether at least one process operating as software on the user device performs a transmission from the user device on a network; monitoring whether the at least one process performs a user update by at least one of invoking a routine to draw on a display or sending output signals for a speaker; and selecting the at least one process as a spyware candidate if the at least one process performs the transmission from the user device on the network but does not perform the user update. | ||
| 地址 | Wilmington DE US | ||