×

Reducing malware signature set size through server-side processing

  • US 8,239,944 B1
  • Filed: 03/28/2008
  • Issued: 08/07/2012
  • Est. Priority Date: 03/28/2008
  • Status: Active Grant
First Claim
Patent Images

1. A method of evaluating a signature detection event, comprising:

  • using a computer to perform steps comprising;

    providing a reduced set of malware signatures to a client, the signatures in the reduced set of malware signatures generating a greater rate of false positive malware detections than signatures in a comprehensive set of malware signatures;

    receiving from the client a signature detection event report indicating a detection of a malware signature in the reduced set of malware signatures in association with an entity, the signature detection event report comprising data describing the entity;

    examining the data describing the entity using the comprehensive set of malware signatures to determine whether the signature detection event is a false positive signature detection event; and

    reporting to the client whether the signature detection event is a false positive signature detection event.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×