×

Systems and Methods For Malware Classification

  • US 20100180344A1
  • Filed: 12/04/2009
  • Published: 07/15/2010
  • Est. Priority Date: 01/10/2009
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for malware classification, the method comprising:

  • loading a software code into a software emulator;

    emulating the software code and recording actions of the software code in an activity log;

    analyzing the software code and the activity log thereof for the presence of a malware;

    generating from the activity log an execution flow graph of the emulated software code;

    parsing the execution flow graph of the emulates software code to identify one or more malicious behavior patterns therein;

    computing similarity indexes between the identified malicious behavior patterns and one or more malicious behavior patterns associated with known classes of malware;

    classifying the emulated software code into one or more classes of malware based on the computed similarity indexes for the one or more malicious behavior patterns; and

    generating a malware report from the execution flow graph and malware classifications.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×