High-confidence malware severity classification of reference file set

Assignee

• Avast Software s.r.o. · CZ

Inventors

• Martin Bálek · Teplice, CZ
• Fabrizio Biondi · Praha, CZ
• Dmitry Kuznetsov · Novosibirsk, RU
• Olga Petrova · Vršovice, CZ

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2115
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A reference file set having high-confidence malware severity classification is generated by selecting a subset of files from a group of files first observed during a recent observation period and including them in the subset. A plurality of other antivirus providers are polled for their third-party classification of the files in the subset and for their third-party classification of a plurality of files from the group of files not in the subset. A malware severity classification is determined for the files in the subset by aggregating the polled classifications from the other antivirus providers for the files in the subset after a stabilization period of time, and one or more files having a third-party classification from at least one of the polled other antivirus providers that changed during the stabilization period to the subset are added to the subset.