Detection center to detect targeted malware

Assignee

• FireEye, Inc. · US

Inventors

• Thoufique Haq · Sunnyvale, US
• Jinjian Zhai · Union City, US
• Vinay Pidathala · San Jose, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/205
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A computerized method is described that is adapted to compare extracted features of a received object under analysis with one or more features associated with each known malicious object of a plurality of known malicious objects accessible to the one or more servers. Responsive to determining that the extracted features satisfy a prescribed level of correlation with the one or more features of a first known malicious object of the plurality of known malicious objects, identifying the received object as a malicious object. Also, responsive to determining that the extracted features fail to satisfy the prescribed level of correlation, conducting a second analysis that includes a comparison of the extracted features to the one or more features associated with each of the plurality of known malicious objects being of a type of malware other than malware targeting a specific entity.