Network-Based Binary File Extraction and Analysis for Malware Detection
Abstract
A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.
20 Claims
1. A method for network-based file analysis for malware detection, the method comprising:
- receiving network content from a network tap;
- identifying a binary packet in the network content;
- extracting a binary file including the binary packet from the network content; and
- determining whether the extracted binary file is detected to be malware.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A system for network-based file analysis for malware detection, the system comprising:
- a binary identification module configured to receive and identify a binary packet in network content;
- a binary extraction module communicatively coupled with the binary identification module and configured to extract a binary file including the identified binary packet from the network content; and
- a malware determination module configured to determine whether an extracted binary file is detected to be malware.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19

20. A computer-readable storage medium having stored thereon instructions executable by a processor to perform a method for network-based file analysis for malware detection, the method comprising:
- receiving network content from a network tap;
- identifying a binary packet in the network content;
- extracting a binary file including the binary packet from the network content; and
- determining whether the extracted binary file is detected to be malware.
Specification