
Malware detection system with contextual analysis

  • US 10,581,874 B1
  • Filed: 12/31/2015
  • Issued: 03/03/2020
  • Est. Priority Date: 12/31/2015
  • Status: Active Grant
First Claim

1. A computerized method for detecting malware associated with an object, the method comprising:

    analyzing, by a static analysis logic system, an object to obtain a first set of attributes, the first set of attributes includes one or more characteristics associated with the object;

    processing the object within a virtual machine associated with a dynamic analysis logic system and obtaining a second set of attributes, the second set of attributes corresponding to one or more monitored behaviors of the virtual machine during processing of the object;

    conducting a secondary analysis to determine a threat index for the object based, at least in part, on an analysis of a multi-type attribute combination being a combination of at least one attribute of the first set of attributes received from the static analysis logic system and at least one attribute of the second set of attributes received from the dynamic analysis logic system, wherein the multi-type attribute combination being analyzed collectively as contextual information and the threat index representing a probability of maliciousness associated with the object; and

    conducting an analysis of the object for a particular attribute in response to the particular attribute being absent from the multi-type attribute combination and present in an attribute pattern of a plurality of attributes patterns being used to identify whether the object is malicious or non-malicious.
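
The flow the claim describes, as an added illustration that is not code from the patent or its assignee. The attribute names, the patterns, their weights, the coverage threshold and the scoring formula are all assumptions made for the example.

```python
# Constructed attribute patterns (assumptions). "s:" = static characteristic,
# "d:" = behavior monitored in the virtual machine.
PATTERNS = [
    {"name": "dropper", "malicious": True, "weight": 0.9,
     "attrs": {"s:packed_section", "s:embedded_pe",
               "d:writes_startup_key", "d:spawns_child"}},
    {"name": "macro_downloader", "malicious": True, "weight": 0.8,
     "attrs": {"s:vba_autoopen", "d:outbound_http", "d:spawns_child"}},
    {"name": "signed_installer", "malicious": False, "weight": 0.6,
     "attrs": {"s:valid_signature", "d:writes_program_files"}},
]


def is_multi_type(attrs):
    """True when the set holds at least one static and one dynamic attribute."""
    return {"s", "d"} <= {a.split(":", 1)[0] for a in attrs}


def secondary_analysis(static_attrs, dynamic_attrs, min_coverage=0.5):
    """Return (threat_index, attributes to look for in a targeted follow-up)."""
    combo = set(static_attrs) | set(dynamic_attrs)
    threat, follow_up = 0.0, set()
    for pattern in PATTERNS:
        hit = pattern["attrs"] & combo
        coverage = len(hit) / len(pattern["attrs"])
        # Only a static+dynamic combination counts as contextual evidence.
        if not is_multi_type(hit) or coverage < min_coverage:
            continue
        # Present in the pattern but absent from the combination.
        follow_up |= pattern["attrs"] - combo
        if pattern["malicious"]:
            threat = max(threat, pattern["weight"] * coverage)
    return round(threat, 3), sorted(follow_up)


def analyze_with_follow_up(static_attrs, dynamic_attrs, probe):
    """probe(attr) -> bool stands in for re-running an engine for one attribute."""
    static_attrs, dynamic_attrs = set(static_attrs), set(dynamic_attrs)
    _, missing = secondary_analysis(static_attrs, dynamic_attrs)
    for attr in missing:
        if probe(attr):
            (static_attrs if attr.startswith("s:") else dynamic_attrs).add(attr)
    return secondary_analysis(static_attrs, dynamic_attrs)


if __name__ == "__main__":
    s, d = {"s:packed_section", "s:embedded_pe"}, {"d:spawns_child"}
    print(secondary_analysis(s, d))
    print(analyze_with_follow_up(s, d, lambda a: a == "d:writes_startup_key"))
```

In the sample run, the partial match on the constructed "dropper" pattern yields a mid-range index and names the one attribute still to be checked; once the targeted probe confirms it, the index rises to the pattern's full weight.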
