Invention Grant
- Patent Title: Detecting script-based malware using emulation and heuristics
- Patent Title (中): 使用仿真和启发式检测基于脚本的恶意软件
-
Application No.: US13085937Application Date: 2011-04-13
-
Publication No.: US08997233B2Publication Date: 2015-03-31
- Inventor: Jonathon Patrick Green , Anjali Doulatram Chandnani , Simon David Christensen
- Applicant: Jonathon Patrick Green , Anjali Doulatram Chandnani , Simon David Christensen
- Applicant Address: US WA Redmond
- Assignee: Microsoft Technology Licensing, LLC
- Current Assignee: Microsoft Technology Licensing, LLC
- Current Assignee Address: US WA Redmond
- Agent Brian Haslam; Mike Allen; Micky Minhas
- Main IPC: G08B23/00
- IPC: G08B23/00 ; G06F11/30 ; G06F21/56
Abstract:
The subject disclosure is directed towards running script through a malware detection system including an emulator environment to detect any malware within the script. Statistics are collected as part of processing the script, with parameterized heuristic analysis used to determine whether to run the emulation. The processing through the malware detection system may be iterative, to de-obfuscate layers of obfuscated malware. The emulator may be updated via signatures.
Public/Granted literature
- US20120266244A1 Detecting Script-Based Malware using Emulation and Heuristics Public/Granted day:2012-10-18
Information query
