patents
Detecting suspicious application overlays on a device
Patent Application Publication: US10846395B2
Status: Granted
Date: 2020-11-24
External Link: Detecting suspicious application overlays on a device
Abstract:
Systems and methods detect suspicious application overlays on a device. An overlay detection unit can detect if a first foreground application has been replaced, within a threshold amount of time, by a second foreground application. If the replacement time is below a threshold amount of time, a suspicious overlay detection can be triggered to alert the user to a possible phishing attempt by the second foreground application.
Malware family tracking and visualization across time
Patent Application Publication: US20210019408A1
Status: Pending
Date: -
External Link: Malware family tracking and visualization across time
Abstract:
A malware analysis system is operable to select a family of related malware for evaluation from a database of observed malware. The system extracts static and dynamic features of the malware samples from the selected malware family in the database, and an observation time of each of the malware samples from the selected malware family. The system then creates a visualization illustrating change in at least one of static and dynamic features of the selected malware family over time. The system extracts a geographic location of a command and control server associated with malware samples if present, and the created visualization further illustrates the geographic areas in which the malware was found. The system illustrates a group of malware detections as an object having characteristics indicating one or more of the features in the clustered malware detections, and/or the number of features that vary between the clustered malware detections.