Patent · US Active

Detecting malware by pooled analysis of sample files in a sandbox

US11379578B1 · kind B1 · utility

0 Cited by
10 References
10 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Oct 16, 2020
Grant date: Jul 5, 2022
Priority date
Expiry date: Dec 16, 2040

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/033
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Systems and methods are presented for performing sandboxing to detect malware. Sample files are received and activated individually in separate sandboxes in one mode of operation. In another mode of operation, sample files are assigned to pools. Sample files of a pool are activated together in the same sandbox. The sample files of the pool are deemed to be normal when no anomalous event is detected in the sandbox. Otherwise, when an anomalous event is detected in the sandbox, the sample files of the pool are activated separately in separate sandboxes to isolate and identify malware among the sample files.
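The two modes described in the abstract can be compared by counting sandbox runs. The sketch below is an added example, not code from the patent: `run_sandbox`, `Sample`, `make_samples` and the sample names are hypothetical, and it assumes a pooled run shows an anomalous event exactly when at least one pool member would show one on its own.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Sample:
    name: str
    malicious: bool  # constructed ground truth standing in for real behaviour

def make_samples(count, malicious_indexes):
    """Build constructed sample files; malicious_indexes marks the bad ones."""
    return [Sample(f"sample-{i:02d}", i in malicious_indexes) for i in range(count)]

def run_sandbox(samples, counter):
    """Hypothetical stand-in for one sandbox run: activate the given samples
    together and report whether any anomalous event was detected."""
    counter["runs"] += 1
    return any(s.malicious for s in samples)

def individual_mode(samples):
    """One sandbox per sample file. Returns (flagged names, sandbox runs)."""
    counter = {"runs": 0}
    flagged = [s.name for s in samples if run_sandbox([s], counter)]
    return flagged, counter["runs"]

def pooled_mode(samples, pool_size):
    """Activate each pool in one sandbox; only a pool with an anomalous event
    is split into per-sample runs. Returns (flagged names, sandbox runs)."""
    if pool_size < 1:
        raise ValueError("pool_size must be at least 1")
    counter = {"runs": 0}
    flagged = []
    for start in range(0, len(samples), pool_size):
        pool = samples[start:start + pool_size]
        if not run_sandbox(pool, counter):
            continue  # no anomalous event: every file in the pool is deemed normal
        if len(pool) == 1:
            flagged.append(pool[0].name)  # a one-file pool is already isolated
            continue
        # Anomalous event: re-activate each member separately to isolate the malware.
        flagged += [s.name for s in pool if run_sandbox([s], counter)]
    return flagged, counter["runs"]

if __name__ == "__main__":
    rare = make_samples(20, {7})                 # one bad file in twenty
    common = make_samples(20, {0, 5, 10, 15})    # a bad file in every pool of five
    for label, batch in (("rare", rare), ("common", common)):
        print(label, "individual:", individual_mode(batch))
        print(label, "pooled(5): ", pooled_mode(batch, 5))
```

With one malicious file in twenty, pooling by five needs 9 sandbox runs instead of 20; when every pool contains a malicious file it needs 24, more than individual analysis.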

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.