Methods and apparatus for malware detection using jar file decompilation
US11435990B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Aug 14, 2019 |
| Grant date | Sep 6, 2022 |
| Priority date | — |
| Expiry date | Nov 28, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The methods and apparatus for detecting malware using JAR file decompilation are disclosed. An apparatus for decompiling class files, the apparatus comprising a class feature unpacker to unpack a class feature from a class file included in an instruction set, a constant pool address generator to generate a constant pool address table, from the class features, including a plurality of constant pool blocks, based on constant pool type, through an iterative process, a class feature identifier to determine values for each constant pool block based on a constant pool type and store the determined values as a class file feature set, a feature value identifier to obtain raw feature values from a class file feature set and non-class file features, and a feature matrix generator to generate a matrix based on the raw features that correspond to the instruction set.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.