SYSTEM AND METHOD FOR THE DETECTION OF MALWARE

  • US 20100058474A1
  • Filed: 08/28/2009
  • Published: 03/04/2010
  • Est. Priority Date: 08/29/2008
  • Status: Abandoned Application
First Claim

1. A method of automatically identifying malware, the method comprising:

  • receiving, by an expert system knowledge base, an assembly language sequence from a binary file;

    identifying an instruction sequence from the received assembly language sequence;

    classifying, by the expert system knowledge base, the instruction sequence as threatening, non-threatening or non-classifiable by applying one or more rules of the expert system knowledge base to the instruction sequence;

    if the instruction sequence is classified as threatening, transmitting information to a code analysis component, wherein the information comprises one or more of the following;

    the instruction sequence, a label comprising an indication that the instruction sequence is threatening, and a request that one or more other assembly language sequences from the binary file be searched for at least a portion of the instruction sequence; and

    notifying a user that the binary file includes malware.

  • 11 Assignments