Patent · US Active

Automatic threat detection of executable files based on static data analysis

US11409869B2 · kind B2 · utility

33Cited by

7References

59Claims

0Family size

Assignee

WEBROOT INC. · US

Inventors

Mauritius A. R. Schmidtler · Escondido, US
Gaurav Mitesh Dalal · Fremont, US
Reza M. Yoosoofmiya · San Diego, US

Key dates

Filing date	Feb 14, 2020
Grant date	Aug 9, 2022
Priority date	—
Expiry date	Feb 14, 2040

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Aspects of the present disclosure relate to threat detection of executable files. A plurality of static data points may be extracted from an executable file without decrypting or unpacking the executable file. The executable file may then be analyzed without decrypting or unpacking the executable file. Analysis of the executable file may comprise applying a classifier to the plurality of extracted static data points. The classifier may be trained from data comprising known malicious executable files, known benign executable files and known unwanted executable files. Based upon analysis of the executable file, a determination can be made as to whether the executable file is harmful.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.