×

System and method for determining data entropy to identify malware

  • US 20080184367A1
  • Filed: 01/25/2007
  • Published: 07/31/2008
  • Est. Priority Date: 01/25/2007
  • Status: Active Grant
First Claim
Patent Images

1. A malware detection method in a data processing system for determining suspicious data based on data entropy, the method comprising the steps of:

  • acquiring a block of data;

    calculating an entropy value for the block of data;

    comparing the entropy value to a threshold value; and

    recording the block of data as suspicious when the entropy value exceeds the threshold value.

View all claims
  • 11 Assignments
Timeline View
Assignment View
    ×
    ×