Invention Grant
US08291497B1 Systems and methods for byte-level context diversity-based automatic malware signature generation
有权
基于字节级上下文分集的自动恶意软件签名生成系统和方法
- Patent Title: Systems and methods for byte-level context diversity-based automatic malware signature generation
- Patent Title (中): 基于字节级上下文分集的自动恶意软件签名生成系统和方法
-
Application No.: US12408306Application Date: 2009-03-20
-
Publication No.: US08291497B1Publication Date: 2012-10-16
- Inventor: Kent Griffin , Tzi-cker Chiueh , Scott Schneider
- Applicant: Kent Griffin , Tzi-cker Chiueh , Scott Schneider
- Applicant Address: US CA Mountain View
- Assignee: Symantec Corporation
- Current Assignee: Symantec Corporation
- Current Assignee Address: US CA Mountain View
- Agency: Advantedge Law Group
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16 ; G06F11/30 ; G06F15/173 ; G08B23/00
Abstract:
A computer-implemented method for facilitating automatic malware signature generation may comprise providing a byte sequence marked for possible inclusion within one or more malware signatures, determining a context diversity of the byte sequence within malware files each containing the byte sequence in accordance with a diversity-based heuristic, and preventing the byte sequence from being included within the one or more malware signatures in accordance with the determined context diversity. Corresponding systems and computer-readable storage media are also disclosed.
Information query
