The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Mar. 04, 2014
Filed:
Sep. 22, 2008
Alexey Polyakov, Sammamish, WA (US);
Marc Seinfeld, Fort Lauderdale, FL (US);
Jigar J. Mody, Bellevue, WA (US);
Ning Sun, Houston, TX (US);
Tony Lee, Sammamish, WA (US);
Chengyun Chu, Redmond, WA (US);
Microsoft Corporation, Redmond, WA (US);
Abstract
A malware analysis system is described that provides information about malware execution history on a client computer and allows automated back-end analysis for faster creation of identification signatures and removal instructions. The malware analysis system collects threat information on client computers and sends the threat information to a back-end analysis component for automated analysis. The back-end analysis component analyzes the threat information by comparing the threat information to information about known threats. The system builds a signature for identifying the threat family and a mitigation script for neutralizing the threat. The system sends the signature and mitigation data to client computers, which use the information to mitigate the threat. Thus, the malware analysis system detects and mitigates threats more quickly than previous systems by reducing the burden on technicians to manually create environments for reproducing the threats and manually analyze the threat behavior.