The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 19, 2016
Filed:
Mar. 11, 2013
Xuewen Zhu, Nanjing, CN;
Xinfeng Liu, Nanjing, CN;
Xuebin Chen, Jiangsu, CN;
Qiang Huang, Jiangsu, CN;
Xuewen Zhu, Nanjing, CN;
Xinfeng Liu, Nanjing, CN;
Xuebin Chen, Jiangsu, CN;
Qiang Huang, Jiangsu, CN;
Trend Micro Inc., Tokyo, JP;
Abstract
An application document known to include malware (such as a document exploit) is opened and executed by its corresponding software application. Behaviors of this document (such as registry, file system, network and process) are monitored and recorded using internal software drivers and hook modules. A behavior report is generated and a baseline pattern is created including a number of regular expressions. A suspicious document of the same type as the monitored document is opened and executed by the same corresponding software application. Behaviors are monitored in the same way and a behavior report is generated. This behavior report is compared to the baseline pattern and a determination is made as to whether a document exploit is present. Known benign documents may also be opened, monitored and their behavior recorded, resulting in creation of a known benign pattern for the corresponding software application.