Hiran V Nath
Assistant Professor
MB209, Department of Computer Science and Engineering, National Institute of Technology Calicut, NIT Campus PO, Calicut, Kerala - 673601, India +91-0495-2286819 hiranvnath[at]nitc[dot]ac[dot]in (email)
The various embodiments herein disclose a system and method for detecting zero-day privilege escalation malware at the host level. The method identifies whether a privilege escalation state is initiated and executed by a user or by a malware program. The method uses keystrokes and mouse events, along with OCR output extracted from a recorded background screen image, to check whether the user initiated the privilege escalation. If a new process starts automatically without any corresponding pattern in keystrokes, mouse strokes, or the background screen, the process is identified as zero-day privilege escalation malware.