41
George Tuvell, Charles Lee: Malware detection system and method for limited access mobile platforms. Pulse Secure, Shumaker & Sieffert P A, June 23, 2015: US09064115 (6 worldwide citation)

A system and method for detecting malware on a limited access mobile platform in a mobile network. The system and method uses one or more feature sets that describe various non-executable portions of malware-infected and malware-free applications, and compares a application on the limited access mob ...


42
George Tuvell, Deepak Venugopal: Malware detection system and method for mobile platforms. Juniper Networks, Shumaker & Sieffert P A, August 11, 2015: US09104871 (6 worldwide citation)

A system and method for detecting malware optimized for mobile platforms. The system and method compares hashed portions of one or more malware signatures to hashes hashed from a suspect application, to determine whether the suspect application is malware-free. A second stage robust hash and splatte ...


43
Zhihe Zhang, Mingyan Sun, Zhengmao Lin: Automatic generation of malware clean pattern. Trend Micro, Beyer Law Group, May 27, 2014: US08739283 (6 worldwide citation)

A computing device is capable of automatically detecting malware execution and cleaning the effects of malware execution using a malware repair module that is customized to the operating features and characteristics of the computing device. The computing device has software modules, hardware compone ...


44
Chandan CP, Srinivasan Narasimhan: Agent assisted malicious application blocking in a network environment. McAfee, Patent Capital Group, February 21, 2017: US09578052 (5 worldwide citation)

Embodiments are configured to receive metadata of a process intercepted on an end host when attempting to access a network. The metadata includes a hash of an application associated with the process and an endpoint reputation score of the application. Embodiments are configured to request a threat i ...


45
Neil Book, Daniel V Hoffman: Detecting malware on mobile devices. Pulse Secure, Shumaker & Sieffert P A, December 1, 2015: US09202049 (5 worldwide citation)

In one example, a mobile device includes a network interface configured to receive data for an application including a set of application permissions describing elements of the mobile device to which the application will have access upon installation of the application, and a processing unit configu ...


46
Sudhakar Muddu, Christos Tryfonas, Ravi Prasad Bulusu: Identity resolution in data intake stage of machine data processing platform. Splunk, Perkins Coie, December 5, 2017: US09838410 (5 worldwide citation)

A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavi ...


47
Or Tzvi Warshenbrot: Method for malware detection using deep inspection and data discovery agents. EMC Corporation, BainwoodHuang, June 14, 2016: US09367687 (5 worldwide citation)

A method of detecting malware is provided. The method includes (a) from a database of historic network traffic, identifying a suspect file that traveled through a network as being suspected malware, (b) deriving a distinctive signature based on contents of the suspect file, and (c) scanning a comput ...


48
Tuvell George, Lee Charles: Malware detection system and method for limited access mobile platforms. Smobile Systems, Tuvell George, Lee Charles, DORTENZO Megan, October 18, 2007: WO/2007/117567 (5 worldwide citation)

A system and method for detecting malware on a limited access mobile platform in a mobile network. The system and method uses one or more feature sets that describe various non-executable portions of malware-infected and malware-free applications, and compares a application on the limited access mob ...


49
Joseph Ward, Andrew Hobson: Historical analysis to identify malicious activity. Damballa, Pepper Hamilton, June 13, 2017: US09680861 (4 worldwide citation)

Systems and methods may use historical analysis to identify malicious activity. A discovery/recovery system may comprise a processor in communication with a network and in communication with a database. The discovery/recovery system may gather filtered historical network data associated with an asse ...


50
Ahmed Said Sallam: System and method for proactive detection of malware device drivers via kernel forensic behavioral monitoring and a back-end reputation system. McAfee, Baker Botts L, September 29, 2015: US09147071 (4 worldwide citation)

A method for detecting malware device drivers includes the steps of identifying one or more device drivers loaded on an electronic device, analyzing the device drivers to determine suspicious device drivers, accessing information about the suspicious device drivers in a reputation system, and evalua ...