The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jun. 05, 2012
Filed:
Jun. 26, 2006
Steven Gribble, Seattle, WA (US);
Henry Levy, Seattle, WA (US);
Alexander Moshchuk, Seattle, WA (US);
Tanya Bragin, Seattle, WA (US);
Steven Gribble, Seattle, WA (US);
Henry Levy, Seattle, WA (US);
Alexander Moshchuk, Seattle, WA (US);
Tanya Bragin, Seattle, WA (US);
University of Washington through its Center for Commercialization, Seattle, WA (US);
Abstract
A system analyzes content accessed at a network site to determine whether it is malicious. The system employs a tool able to identify spyware that is piggy-backed on executable files (such as software downloads) and is able to detect 'drive-by download' attacks that install software on the victim's computer when a page is rendered by a browser program. The tool uses a virtual machine (VM) to sandbox and analyze potentially malicious content. By installing and running executable files within a clean VM environment, commercial anti-spyware tools can be employed to determine whether a specific executable contains piggy-backed spyware. By visiting a Web page with an unmodified browser inside a clean VM environment, predefined 'triggers,' such as the installation of a new library, or the creation of a new process, can be used to determine whether the page mounts a drive-by download attack.