Patent · US Active

Automatic threat detection of executable files based on static data analysis

US10599844B2 · kind B2 · utility

Cited by: 88
References: 4
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: May 12, 2015
Grant date: Mar 24, 2020
Priority date
Expiry date: Aug 15, 2035

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/033
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Aspects of the present disclosure relate to threat detection of executable files. A plurality of static data points may be extracted from an executable file without decrypting or unpacking the executable file. The executable file may then be analyzed without decrypting or unpacking the executable file. Analysis of the executable file may comprise applying a classifier to the plurality of extracted static data points. The classifier may be trained from data comprising known malicious executable files, known benign executable files and known unwanted executable files. Based upon analysis of the executable file, a determination can be made as to whether the executable file is harmful.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.