×

SYSTEM AND METHOD FOR DETECTING EXECUTABLE MACHINE INSTRUCTIONS IN A DATA STREAM

  • US 20140237600A1
  • Filed: 04/28/2014
  • Published: 08/21/2014
  • Est. Priority Date: 10/27/2009
  • Status: Active Grant
First Claim
Patent Images

1. A method of analyzing whether executable code exists within data, said method comprising:

  • accessing a plurality of values representing data contained within a memory of a computer system;

    performing pre-processing on the plurality of values to produce a candidate data subset, said pre-processing being performed by a computer and comprising determining whether the plurality of values meets at least one of (a) a randomness condition, (b) a length condition, and (c) a string ratio condition;

    inspecting, with the computer, the candidate data subset for computer instructions;

    determining one or more characteristics of the computer instructions; and

    taking a predetermined action based on the characteristics of the computer instructions.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×