Eliminating False Malware Alerts with Actions-in-Context

IP.com Disclosure Number: IPCOM000035511D
Original Publication Date: 2005-Jan-21
Included in the Prior Art Database: 2005-Jan-21

Publishing Venue

IBM

Abstract

Current antivirus software identifies malware by recognizing the code signature of the malware executable. An effective alternative approach is to track the malware's activity and attach an identification trigger mechanism to this tracking process. This invention describes a procedure for identifying malware based on the combination of its current activity and other actions that it has already taken.