Systems and methods for detection of new malicious executables

  • US 7,979,907 B2
  • Filed: 12/18/2008
  • Issued: 07/12/2011
  • Est. Priority Date: 07/30/2001
  • Status: Active Grant
First Claim
Patent Images

1. A method for classifying an executable attachment in an email received at a computer system comprising:

  • a) filtering said executable attachment from said email;

    b) extracting a byte sequence feature from said executable attachment; and

    c) classifying said executable attachment by comparing said byte sequence feature of said executable attachment with a classification rule set derived from byte sequence features of a set of executables having a predetermined class in a set of classes,wherein said classifying comprises determining using a computer processor, with a Multi-Naive Bayes algorithm, a probability that said executable attachment is a member of each class in said set of classes based on said byte sequence feature and dividing said step of determining said probability into a plurality of processing steps and executing said processing steps in parallel.

View all claims

    Thank you for your feedback