Invention Grant
- Patent Title: Selecting malware signatures based on malware diversity
- Patent Title (中): 根据恶意软件多样性选择恶意软件签名
-
Application No.: US12403335Application Date: 2009-03-12
-
Publication No.: US08321942B1Publication Date: 2012-11-27
- Inventor: Tzi-cker Chiueh , Kent E. Griffin , Scott Schneider , Xin Hu
- Applicant: Tzi-cker Chiueh , Kent E. Griffin , Scott Schneider , Xin Hu
- Applicant Address: US CA Mountain View
- Assignee: Symantec Corporation
- Current Assignee: Symantec Corporation
- Current Assignee Address: US CA Mountain View
- Agency: Fenwick & West LLP
- Main IPC: G06F21/56
- IPC: G06F21/56
Abstract:
A candidate signature for a known malware entity is selected for analysis. A set of malware entities that contain the candidate signature is identified. A diversity measurement for the candidate signature is determined. The diversity measurement describes the diversity of the set of malware entities that contain the candidate signature. A determination is made whether to use the candidate signature to identify the known malware entity based at least in part on the diversity measurement. Responsive to the determination, the candidate malware signature is stored as a signature for the known malware entity.
Information query
