AUXILIARY METHOD FOR INVESTIGATING LURKING PROGRAM INCIDENTS
Number of patents in Portfolio can not be more than 2000
United States of America Patent
Stats
-
N/A
Issued Date -
Jun 4, 2009
app pub date -
Nov 30, 2007
filing date -
Nov 30, 2007
priority date (Note) -
Abandoned
status (Latency Note)
Importance
Abstract
An auxiliary method for investigating lurking program incidents is disclosed. The method is to keep monitoring a plurality of processes run by a computer system and save process-invoking relationship data of each process being monitored when the process is created and terminated. Simultaneously, a system registry database of the computer system is also monitored and autostart-registered data of the programs is saved. Then correlate the process-invoking relationship data to the autostart-registered data for generating and saving process-invoking relationship log so as to extract and save high-level crucial clues of suspicious lurking programs. By the present method, only a little amount of high level crucial clues and process-invoking relationship log is collected and a few system resources is consumed for providing clear evidence that is helpful to investigation of lurking program incidents. Thus cost of time and labor for collecting and analyzing large amount of low-level logs is saved.
First Claim
Family
International Classification(s)
Cited Art Landscape
Patent Citation Ranking
Recipient Email Address
Recipient Email Address
Comment
Recipient Email Address
Add to Portfolio(s)
To add this patent to one, or more, of your portfolios, simply click the add button.
This Patent is in these Portfolios:
Add to additional portfolios:
Last Refreshed On:
Changes done successfully