×

Mitigation of malware

  • US 10,482,247 B2
  • Filed: 03/28/2019
  • Issued: 11/19/2019
  • Est. Priority Date: 06/27/2014
  • Status: Active Grant
First Claim
Patent Images

1. At least one non-transitory, computer-readable medium including one or more instructions that, when executed by at least one processor, cause the at least one processor to perform a method comprising:

  • determining a first checksum at a first region or area of a first file;

    comparing the first checksum to a root in a checksum tree, the root indicating a checksum at a point of a second file or a fuzzy checksum at the point of the second file;

    determining a second checksum at a second region or area of the first file offset from the first region or area of the first file, if the first checksum matches the root;

    comparing the second checksum to a descendant node of the root in the checksum tree, the descendant node indicating a checksum or fuzzy checksum, wherein the checksum or fuzzy checksum indicated by the descendant node is offset from the point of the second file;

    assigning a classification to the first file, if the second checksum matches the descendant node, wherein the classification indicates malware or a benign file; and

    assigning a percentage to the classification.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×