×

System and method for analyzing malicious code using a static analyzer

  • US 9,081,961 B2
  • Filed: 06/09/2011
  • Issued: 07/14/2015
  • Est. Priority Date: 06/11/2010
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method comprising:

  • parsing, via a processor, computer code received from a non-trusted entity via a network, the computer code received by a gateway when sent by the non-trusted entity to a client device in response to a request from the client device;

    transforming, via the processor, the parsed computer code into an abstract syntax tree, the abstract syntax tree containing a first node having a statement from the parsed computer code;

    analyzing, via the processor, the statement in the first node to determine if the statement contains a user-defined function;

    in response to determining that the statement in the first node does not contain the user-defined function, executing the statement; and

    determining the computer code is malicious by comparing a result of the execution of the statement in the first node to a set of rules denoting malicious behavior.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×