SYSTEM AND METHOD FOR DEFINING AND DETECTING PESTWARE
First Claim
Patent Images
1. A method for generating pestware definitions comprising:
- receiving a pestware file;
placing at least a portion of the pestware file into a processor-readable memory;
following a plurality of execution paths within code of the pestware file, wherein each of the execution paths is a potential path that a processor executing the code may follow;
identifying particular instructions within the execution paths;
storing, in a processor-readable pestware-definition file, a representation of the relative locations of each of the particular instructions within the code of the pestware file; and
sending the pestware-definition file to a plurality of client devices.
9 Assignments
0 Petitions
Accused Products
Abstract
A system and method for defining and detecting pestware is described. One embodiment includes receiving a file and placing at least a portion of the file into a processor-readable memory of a computer. A plurality of execution paths within code of the pestware file are followed and particular instructions within the execution paths are identified. A representation of the relative locations of each of the particular instructions within the code of the file are compared against a pestware-definition file so as to determine whether the file is a potential pestware file.
82 Citations
14 Claims
-
1. A method for generating pestware definitions comprising:
-
receiving a pestware file; placing at least a portion of the pestware file into a processor-readable memory; following a plurality of execution paths within code of the pestware file, wherein each of the execution paths is a potential path that a processor executing the code may follow; identifying particular instructions within the execution paths; storing, in a processor-readable pestware-definition file, a representation of the relative locations of each of the particular instructions within the code of the pestware file; and sending the pestware-definition file to a plurality of client devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 12)
-
-
8. A method for detecting pestware on a computer comprising:
-
receiving a file; placing at least a portion of the file into a processor-readable memory of the computer; following a plurality of execution paths within code of the pestware file, wherein each of the execution paths is a potential path that a processor executing the code may follow; identifying particular instructions within the execution paths; comparing, against a pestware-definition file, a representation of the relative locations of each of the particular instructions within the code of the file so as to determine whether the file is a potential pestware file. - View Dependent Claims (9, 10, 11, 13, 14)
-
Specification