Invention Grant
US08069484B2 System and method for determining data entropy to identify malware
In force
- Patent Title: System and method for determining data entropy to identify malware
- Application No.: US11657541
- Application Date: 2007-01-25
- Publication No.: US08069484B2
- Publication Date: 2011-11-29
- Inventor: Chad McMillan, Jason Garman
- Applicant: Chad McMillan, Jason Garman
- Applicant Address: US VA Alexandria
- Assignee: Mandiant Corporation
- Current Assignee: Mandiant Corporation
- Current Assignee Address: US VA Alexandria
- Agency: SNR Denton US LLP
- Main IPC: G06F11/00
- IPC: G06F11/00

Abstract:
Systems and methods for performing malware detection for determining suspicious data based on data entropy are provided. The method includes acquiring a block of data, calculating an entropy value for the block of data, comparing the entropy value to a threshold value, and recording the block of data as suspicious when the entropy value exceeds the threshold value. An administrator may then investigate suspicious data.
Public/Granted literature
- US20080184367A1 System and method for determining data entropy to identify malware (Public/Granted day: 2008-07-31)