
Systems and methods for identifying polymorphic malware

  • US 8,479,291 B1
  • Filed: 10/28/2010
  • Issued: 07/02/2013
  • Est. Priority Date: 10/28/2010
  • Status: Active Grant
First Claim

1. A computer-implemented method for identifying polymorphic malware, the method comprising:

  • identifying a sample of a variant within a polymorphic malware strain;

  • identifying a set of filters for identifying the polymorphic malware strain;

  • determining that the set of filters incorrectly excludes the sample from being identified as within the polymorphic malware strain in response to at least one of:

      • determining that the set of filters excludes the sample from being identified as within the polymorphic malware strain and a proportion of filters within the set of filters identify the sample as within the polymorphic malware strain, and/or

      • examining how close the set of filters is to correctly categorizing the sample;

  • modifying the set of filters to not exclude the sample from being identified as within the polymorphic malware strain,

    wherein at least a portion of the method is being performed by a computing device comprising at least one processor.
