Systems and methods for behavior-based automated malware analysis and classification

  • US 9,769,189 B2
  • Filed: 02/21/2014
  • Issued: 09/19/2017
  • Est. Priority Date: 02/21/2014
  • Status: Active Grant
First Claim

1. A method of identifying malware, comprising:

    accessing a set of samples, the set of samples comprising samples of different types of malware;

    running the set of samples on one or more computer systems;

    extracting, based on running the set of samples, a set of artifacts from the set of samples, wherein the set of artifacts includes information associated with a registry or a memory;

    determining a set of features from the set of artifacts for at least one sample in the set of samples;

    selecting one of a set of algorithms based on one or more selection features or parameters;

    analyzing the set of features using the one of the set of algorithms; and

    identifying, based at least partially on analyzing the set of features, malware in the set of samples by at least one of classifying or clustering samples in the set of samples into the different types of malware.

  • 2 Assignments