Invention Grant
- Patent Title: Method and apparatus for retroactively detecting malicious or otherwise undesirable software as well as clean software through intelligent rescanning
- Application No.: US13942360
- Application Date: 2013-07-15
- Publication No.: US09245120B2
- Publication Date: 2016-01-26
- Inventor: Oliver Friedrichs, Alfred Huger, Zulfikar Ramzan
- Applicant: Cisco Technology, Inc.
- Applicant Address: US CA San Jose
- Assignee: Cisco Technologies, Inc.
- Current Assignee: Cisco Technologies, Inc.
- Current Assignee Address: US CA San Jose
- Main IPC: G06F12/14
- IPC: G06F12/14; G06F21/56

Abstract:
The present invention relates to the security of general purpose computing devices, such as laptop or desktop PCs, and more specifically to the detection of malicious software (malware) on a general purpose computing device. A challenge in detecting malicious software is that files are typically scanned for the presence of malicious intent only once (and subsequent rescanning is typically performed in a simplistic manner). Existing methods in the art do not address how to most effectively rescan collections of files in a way that tries to optimize performance and efficacy. Accordingly we present novel methods, components, and systems for intelligently rescanning file collections and thereby enabling retroactive detection of malicious software and also retroactive identification of clean software. These methods may also be useful if additional information is now available regarding a file that might be useful to an end-user or an administrator, even though the file's core disposition might not have changed. More specifically, we describe methods, components, and systems that perform data analytics to intelligently rescan file collections for the purpose of retroactively identifying malware and retroactively identifying clean files. The disclosed invention provides a significant improvement with regard to efficacy and performance compared to previous approaches.