发明名称 |
Method and apparatus for behavioral detection of malware in a computer system |
摘要 |
Method and apparatus for behavioral detection of malware in a computer system are described. In some embodiments, a request by a process executing on a computer to change time of a clock managed by the computer is detected. The process is identified as a potential threat. At least one attribute associated with the process is analyzed to determine a threat level. The request to change the time of the clock is blocked and the process is designated as a true positive threat if the threat level satisfies a threshold level.
|
申请公布号 |
US8490195(B1) |
申请公布日期 |
2013.07.16 |
申请号 |
US20080340125 |
申请日期 |
2008.12.19 |
申请人 |
CHEN JOSEPH H.;PARK JAMIE J.;SYMANTEC CORPORATION |
发明人 |
CHEN JOSEPH H.;PARK JAMIE J. |
分类号 |
G06F12/14 |
主分类号 |
G06F12/14 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|