Remediating rogue applications
US-2015326586-A1 · Nov 12, 2015 · US
Managed software remediation
US12021892B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12021892-B2 |
| Application number | US-201916382805-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 12, 2019 |
| Priority date | Sep 27, 2013 |
| Publication date | Jun 25, 2024 |
| Grant date | Jun 25, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
There is disclosed in one example a remediation server including: a hardware platform, including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an application binary; create an application logic model of the application binary; and create personalization rules for the application binary based on the application logic model.
First claim
Opening claim text (preview).
What is claimed is: 1. A remediation server comprising: a hardware platform, comprising a processor circuit, a memory, and a network interface; and instructions encoded within the memory to instruct the processor circuit to: receive an application binary; create an application logic model (ALM) of the application binary, wherein creating the ALM comprises disassembling the application binary, modeling application logic according to the disassembling, creating a data flow structure that represents a lifetime of an object that passes through the application logic, and stepping through the ALM while tracking the data flow structure; determine, from the ALM, runtime application behavior modifications; and create personalization rules for the application binary, including implementing one or more application behavior modifications. 2. The remediation server of claim 1 , wherein the instructions are further to instruct the processor circuit to: detect malware behavior in the application binary; and heal the application binary by inserting or removing instructions to ameliorate the malware behavior and recompile the application binary. 3. The remediation server of claim 1 , wherein creating personalization rules comprises receiving application programming interface (API) intelligence from a platform API intelligence database. 4. The remediation server of claim 1 , wherein creating personalization rules comprises receiving threat intelligence from a global threat intelligence database. 5. The remediation server of claim 1 , wherein creating personalization rules comprises performing heuristic analysis on the application binary. 6. The remediation server of claim 1 , wherein the application logic model comprises structured text configured to contain text objects representing application programming interface (API) elements. 7. A computer-implemented method of providing malware remediation, comprising: receiving an application binary; creating an application logic model (ALM) of the application binary, wherein creating the ALM comprises disassembling the application binary, modeling application logic according to the disassembling, creating a data flow structure that represents a lifetime of an object that passes through the application logic, and stepping through the ALM while tracking the data flow structure; determine, from the ALM, runtime application behavior modifications; and creating personalization rules for the application binary including implementing one or more application behavior modifications. 8. The method of claim 7 , further comprising: detecting malware behavior in the application binary; and healing the application binary by inserting or removing instructions to ameliorate the malware behavior and recompile the application binary. 9. The method of claim 7 , wherein creating personalization rules comprises receiving application programming interface (API) intelligence from a platform API intelligence database.
Assignees
Inventors
Classifications
Detection or prevention of fraud · CPC title
Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware · CPC title
Access security · CPC title
to features or functions of an application · CPC title
Protecting personal data, e.g. for financial or medical purposes · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12021892B2 cover?
- There is disclosed in one example a remediation server including: a hardware platform, including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an application binary; create an application logic model of the application binary; and create personalization rules for the application binary based on the application lo…
- Who is the assignee on this patent?
- Mcafee Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/568. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jun 25 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).