Patent · US Active

Method and system for detecting malware

US10257212B2 · kind B2 · utility

5Cited by

92References

18Claims

0Family size

Assignee

Help/Systems, LLC · US

Inventors

Emmanouil Antonakakis · Dunwoody, US
Robert Perdisci · Smyrna, US
Wenke Lee · Atlanta, US
Gunter Ollmann · Norcross, US

Key dates

Filing date	Dec 19, 2016
Grant date	Apr 9, 2019
Priority date	—
Expiry date	Dec 19, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/14
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.