The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jul. 05, 2011
Filed:
Mar. 29, 2006
Krishnapur Narasimhamurthy Venkatasubrahmanyam, Bangalore, IN;
Krishnapur Narasimhamurthy Venkatasubrahmanyam, Bangalore, IN;
McAfee, Inc., Santa Clara, CA (US);
Abstract
A security system may detect a rootkit by detecting a filesystem configuration of the first system and comparing the filesystem configuration to a known valid filesystem configuration of a second system. The known valid filesystem configuration may be the filesystem configuration of a protected second system, or may be stored in a protected area of the second system. The first and second system may be part of a single device. The filesystem configuration of the first system and the known valid filesystem configuration are compared and differences are analyzed to determine if they are indicative of a rootkit. If a rootkit is detected, some embodiments may provide tools to clean, delete, or quarantine the rootkit. The second system may be provided by a security provider.