Invention Grant
- Patent Title: Methods and apparatus to determine mutex entropy for malware classification
-
Application No.: US17645925Application Date: 2021-12-23
-
Publication No.: US12081584B2Publication Date: 2024-09-03
- Inventor: Niall Fitzgerald , German Lancioni , Brian Gaither
- Applicant: McAfee, LLC
- Applicant Address: US CA San Jose
- Assignee: MCAFEE, LLC
- Current Assignee: MCAFEE, LLC
- Current Assignee Address: US CA San Jose
- Agency: HANLEY, FLIGHT & ZIMMERMAN, LLC
- Main IPC: H04L9/40
- IPC: H04L9/40 ; G06F21/56 ; G06F40/20 ; G06F40/279

Abstract:
Methods, apparatus, systems, and articles of manufacture are disclosed to determine mutex entropy for malware classification. An example apparatus includes interface circuitry to access a mutex associated with a software application, the mutex to include a mutex identifier string, normalizer circuitry to normalize the mutex identifier string, character probability circuitry to determine character probabilities of characters within the normalized mutex identifier string, the character probabilities based on a historical mutex character distribution, entropy calculator circuitry to calculate an entropy value for the mutex based on the character probabilities, classifier circuitry to classify the mutex as clean or malicious based on the entropy value, and protector circuitry to mitigate malicious attacks based on the classification.
Public/Granted literature
- US20230208872A1 METHODS AND APPARATUS TO DETERMINE MUTEX ENTROPY FOR MALWARE CLASSIFICATION Public/Granted day:2023-06-29
Information query