Adaptive malware binary rewriting
US12019746B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 28, 2022 |
| Grant date | Jun 25, 2024 |
| Priority date | — |
| Expiry date | Jan 4, 2043 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/577
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An adaptive malware writing system includes a targeting engine that classifies malware candidates as a malicious candidate or a benign candidate through a surrogate model. The surrogate model assigns a weight to each byte of the malware candidates through a saliency vector. The sum of the weights render a malware classification score. An alteration engine alters a binary form of the malware candidates classified as malware by executing a functional analysis that traces application program interface calls and memory. The alteration engine alters the binary form of the malware candidates classified as malware to render a synthesized malware. The malware analysis determines if the synthesized malware is operational by comparing an image of the synthesized malware to an image of at least one of the plurality of malware candidates. A target classifier engine identifies the vulnerabilities of a targeted computer.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.