SYSTEM AND METHOD FOR DETECTING MALWARE
First Claim
Patent Images
1. A method of detecting malware using non-executable file format comprising the steps of:
- receiving a portable executable file from a computer software in need of analysis;
converting said portable executable file to a computer graphic image;
processing said graphic image; and
identification of said computer file as benign or malicious malware.
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method for detecting malware. The system and method is designed to detect malware without the requirement of malware signatures. The process relies upon converting a binary code file to an image. One or more machine learning techniques are used to classify the code as benign or malicious software.
-
Citations
19 Claims
-
1. A method of detecting malware using non-executable file format comprising the steps of:
-
receiving a portable executable file from a computer software in need of analysis; converting said portable executable file to a computer graphic image; processing said graphic image; and identification of said computer file as benign or malicious malware. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. The method of detecting malware using non-executable file format according to claim 14 wherein said machine learning algorithms are based on support vector machine (SVM) or k-nearest neighbor (kNN).
-
15. A system for detecting or classifying malware using a non-executable file format comprising:
-
one or more processors; and memory storing instructions that, when executed by said one or more processors, cause said one or more processors to detect or classify malware using a non-executable file format located on computer device; said detecting or classifying malware using a non-executable file format located on computer device including receiving a portable executable file from a computer software in need of analysis; converting said portable executable file to a computer graphic image; processing said graphic image; and identifying said computer file as benign or malicious malware. - View Dependent Claims (16, 17, 18)
-
-
19. A non-transitory computer readable medium storing instructions comprising:
instructions for detecting or classifying malware using a non-executable file format located on computer device by; receiving a portable executable file from a computer software in need of analysis; converting said portable executable file to a computer graphic image; processing said graphic image; and identifying said computer file as benign software or malicious malware.
Specification