SYSTEM AND METHOD FOR TRANSITIONING TO A WHITELIST MODE DURING A MALWARE ATTACK IN A NETWORK ENVIRONMENT

SYSTEM AND METHOD FOR TRANSITIONING TO A WHITELIST MODE DURING A MALWARE ATTACK IN A NETWORK ENVIRONMENT

A method is provided in one example embodiment that includes receiving a signal to enable a whitelist mode on a host in a network, terminating a process executing on the host if the process is not verified, and blocking execution of software objects on the host if the software objects are not repres...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: JAYANTHI, SRIDHAR, SRINIVASA, GANGADHARASA, KHARE, PRANEET
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method is provided in one example embodiment that includes receiving a signal to enable a whitelist mode on a host in a network, terminating a process executing on the host if the process is not verified, and blocking execution of software objects on the host if the software objects are not represented on the whitelist. In more particular embodiments, the method also includes identifying the process on a process list that enumerates one or more processes executing on the host. Yet further embodiments include quarantining the host if a second process on the process list is a critical process and if the second process is not verified. More specific embodiments include identifying and restarting another process on the process list if process memory was modified.