Patent · US Active

Enhanced malware detection for generated objects

US10581879B1 · kind B1 · utility

Cited by: 29
References: 358
Claims: 22
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jun 19, 2017
Grant date: Mar 3, 2020
Priority date
Expiry date: Jul 24, 2037

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F9/45533
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A computerized method to identify malicious code generated by seemingly benign objects is described. The generated malware detection system described identifies generated objects (code) and analyzes each generated object to collect features which may be associated with maliciousness. The analysis may determine if an Abstract Syntax Tree (AST) representation of the generated object is correlated with known malware ASTs. Correlation of the features identified during processing of the generated objects, including the sequences of generated object, may be used in classifying the object as malicious. The malware detection system may communicate with the one or more endpoint devices to influence detection and reporting of behaviors and malware by those device(s).

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.