Rapid7, Inc.
Detecting malicious processes based on process location
Last updated:
Abstract:
Methods and systems for detecting malicious processes. Methods described herein gather data regarding process locations and calculate one or more inequality indicators related to the process paths based on economic principles. Instances of inequality with respect to process paths may indicate a path is uncommon and therefore the associated binary is used for malicious purposes.
Status:
Grant
Type:
Utility
Filling date:
18 Sep 2019
Issue date:
7 Jun 2022