Parallel processing for malware detection
US11520887B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 14, 2020 |
| Grant date | Dec 6, 2022 |
| Priority date | — |
| Expiry date | Jun 12, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/552
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Client devices detect malware based on a ruleset received from a security server. To evaluate a current ruleset, an administrative client device initiates a ruleset evaluation of the malware detection ruleset. A security server partitions stored malware samples into a group of evaluation lists based on an evaluation policy. The security server then creates scanning nodes on an evaluation server according to the evaluation policy. The scanning nodes scan the malware samples of the evaluation lists using the rulesets and associate each malware sample with a rule of the ruleset based on the detections, if any. The security server analyzes the associations and optimizes the ruleset and stored malware samples. The security server sends the optimized ruleset to client devices such that they more efficiently detect malware samples.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.