Patent title: Systems and methods for identifying malware
Inventor: Jiang Dong
Application number: US14570393
Filing date: 20141215
Publication number: US09519780B1
Publication date: 20161213
Abstract: A computer-implemented method for identifying malware may include (1) determining, for multiple commands within bytecode associated with a malware program, whether each command constitutes an invocation command, (2) filtering, based on the determination, invocation commands from the bytecode, (3) adding, for each invocation command filtered from the bytecode, an opcode, a format code, and a function prototype to a collection of opcodes, format codes, and function prototypes, (4) generating a digital fingerprint of the collection including the opcode, the format code, and the function prototype for each invocation command filtered from the bytecode, and (5) performing, by a computer security system, a remedial action to protect a user in response to detecting the presence of a variant of the malware program by determining that the digital fingerprint matches a candidate instance of bytecode under evaluation. Various other methods, systems, and computer-readable media are also disclosed.
Applicant: Symantec Corporation
Address: Mountain View CA US
Nationality: US
Patent agency: FisherBroyles LLC