The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 03, 2012
Filed:
Dec. 11, 2006
Thomas M. Bradicich, Apex, NC (US);
Richard E. Harper, Chapel Hill, NC (US);
William J. Piazza, Holly Springs, NC (US);
Thomas M. Bradicich, Apex, NC (US);
Richard E. Harper, Chapel Hill, NC (US);
William J. Piazza, Holly Springs, NC (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
Embodiments of the present invention provide a method, system and computer program product for the heuristic malware detection. In one embodiment of the invention, a heuristic malware detection method can include merging a baseline inventory of file attributes for respective files from each client computing system in a community of client computing systems into a merged inventory. The method further can include receiving an updated inventory of file attributes in a current inventory survey from different ones of the client computing systems. Each received survey can be compared to the merged inventory, and in response to the comparison, a deviant pattern of file attribute changes can be detected in at least one survey for a corresponding client computing system. Thereafter, the deviant pattern can be classified as one of a benign event or a malware attack. Finally, malware removal can be requested in the corresponding client computing system if the deviant pattern is classified as a malware attack.