×

METHODS AND SYSTEMS FOR MALWARE DETECTION BASED ON ENVIRONMENT-DEPENDENT BEHAVIOR

  • US 20140317745A1
  • Filed: 04/19/2013
  • Published: 10/23/2014
  • Est. Priority Date: 04/19/2013
  • Status: Active Grant
First Claim
Patent Images

1. ) A method of classifying malicious computer code, the method comprising:

  • monitoring, by one or more computing processors, execution of a computer program comprising suspicious computer code;

    recognizing access by the computer program of an item of environmental information;

    identifying a plurality of execution paths in the computer program dependant on a branch in the computer program based on a value of the accessed item of environmental information;

    determining that a first execution path in the plurality of execution paths results in benign behavior and that a second execution path in the plurality of execution paths results in malicious behavior;

    classifying the computer program as evasive malware responsive to the determining.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×