MALWARE DETECTION USING A DIGITAL CERTIFICATE
First Claim
1. At least one machine readable medium comprising one or more instructions that when executed by at least one processor, cause the at least one processor to:
- analyze data related to a digital certificate; and
assign a reputation to the digital certificate, wherein the reputation includes an indication if the data related to the digital certificate is proper.
10 Assignments
0 Petitions
Accused Products
Abstract
Particular embodiments described herein provide for an electronic device that can be configured to analyze data related to a digital certificate and assign a reputation to the digital certificate, where the reputation includes an indication if the data is proper. The analysis of the data can include determining if code signing for the digital certificate matches binary code for the digital certificate, if the digital certificate has been grafted to the data by modifying a portable executable file header, or the digital certificate is the same as another trusted digital certificate associated with different data.
18 Citations
20 Claims
-
1. At least one machine readable medium comprising one or more instructions that when executed by at least one processor, cause the at least one processor to:
-
analyze data related to a digital certificate; and assign a reputation to the digital certificate, wherein the reputation includes an indication if the data related to the digital certificate is proper. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus comprising:
a digital certificate validation module configured to; identify a file that includes a digital certificate and data related to the digital certificate; analyze the data related to the digital certificate; and assign a reputation to the file, wherein the reputation includes an indication if the data related to the digital certificate is proper. - View Dependent Claims (8, 9, 10, 11, 12)
-
13. A method comprising:
-
analyzing data related to a digital certificate; and assigning a reputation to the digital certificate, wherein the reputation includes an indication if the data related to the digital certificate is proper. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A system for malware detection using a digital certificate, the system comprising:
-
a digital certificate validation module configured for; identifying data related to a digital certificate; analyzing the data related to the digital certificate; and assigning a reputation to the digital certificate, wherein the reputation includes an indication if the data related to the digital certificate is proper. - View Dependent Claims (19, 20)
-
Specification