Non-transitory computer-readable storage medium, information processing apparatus and method for detecting malware
US11036564B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 15, 2017 |
| Grant date | Jun 15, 2021 |
| Priority date | — |
| Expiry date | Feb 20, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A non-transitory computer-readable storage medium storing a program that causes an information processing apparatus to execute a process, the process includes executing a first program and a second program using a system including a kernel of an OS, acquiring first information regarding a first API call and second information regarding a second API call, executing a similarity judgment process in which a similarity between the first program and the second program is judged, wherein the first information is information indicating at least one of a type of the first API call, the number of executions of the first API call, and a call order of the first API call, the second information includes at least one of a type of the second API call, the second information includes the number of executions of the second API call, and a call order of the second API cal.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.