Method and system for detecting malware

Invention Grant

US08578497B2 Method and system for detecting malware 有权

Title translation: 检测恶意软件的方法和系统

Please log in to see more content

Patent Title: Method and system for detecting malware
Patent Title (中): 检测恶意软件的方法和系统
Application No.: US12985140

Application Date: 2011-01-05
Publication No.: US08578497B2

Publication Date: 2013-11-05
Inventor: Emmanouil Antonakakis , Roberto Perdisci , Wenke Lee , Gunter Ollmann
Applicant: Emmanouil Antonakakis , Roberto Perdisci , Wenke Lee , Gunter Ollmann
Applicant Address: US GA Atlanta
Assignee: Damballa, Inc.
Current Assignee: Damballa, Inc.
Current Assignee Address: US GA Atlanta
Agency: DLA Piper LLP US
Main IPC: G06F11/00
IPC: G06F11/00 ; G06F15/173 ; H04L29/06

Abstract:

A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector.

Abstract(Chinese):

一种系统和分析方法。 NX域名是从真实网络中的资产收集的。 NX域名是未注册的域名。真正的网络NX域名被用来创建测试向量。测试向量基于训练向量分类为良性向量或恶意载体。如果从真实网络NX域名创建的NX测试向量被归类为恶意向量，则该资产被分类为被感染。

Public/Granted literature

US20110167495A1 METHOD AND SYSTEM FOR DETECTING MALWARE Public/Granted day:2011-07-07

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F11/00	错误检测；错误校正；监控（在记录载体上作出核对其正确性的方法或装置入G06K5/00；基于记录载体和传感器之间的相对运动而实现的信息存储中所用的方法或装置入G11B，例如G11B20/18；静态存储中所用的方法或装置入G11C29/00）