The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent:

Oct. 24, 2017

Filed:

Jun. 25, 2015

Applicant:

Symantec Corporation, Mountain View, CA (US);

Inventors:

Christopher Gates, Culver City, CA (US);

Kevin Roundy, El Segundo, CA (US);

Sandeep Bhatkar, Sunnyvale, CA (US);

Anand Kashyap, Los Altos, CA;

Yin Liu, Sunnyvale, CA (US);

Aleatha Parker-Wood, Palo Alto, CA (US);

Leylya Yumer, Antibes, FR;

Assignee:

Symantec Corporation, Mountain View, CA (US);

Attorney:
Primary Examiner:
Int. Cl.
CPC ...
G06F 21/56 (2013.01); G06F 9/45 (2006.01); H04L 29/06 (2006.01); H04L 29/08 (2006.01); G06F 9/445 (2006.01);
U.S. Cl.
CPC ...
H04L 63/1408 (2013.01); G06F 21/566 (2013.01); H04L 67/30 (2013.01); G06F 8/65 (2013.01);
Abstract

The disclosed computer-implemented method for threat detection using a software program update profile may include (1) building an update behavioral model that identifies legitimate update behavior for a software application by (a) monitoring client devices for update events associated with the software application and (b) analyzing the update events to identify the legitimate update behavior of the software application, (2) using the update behavioral model to identify suspicious behavior on a computing system by (a) detecting an update instance on the computing system, (b) comparing the update instance with the legitimate update behavior identified in the update behavioral model, and (c) determining, based on the comparison of the update instance with the legitimate update behavior, that the update instance is suspicious, and (3) in response to determining that the update instance is suspicious, performing a security action. Various other methods, systems, and computer-readable media are also disclosed.

