Patent · US Active

Malware detection through symbol whitelisting

US8176554B1 · kind B1 · utility

30Cited by

0References

18Claims

0Family size

Assignee

Symantec Corporation · US

Inventor

Mark Kennedy · Redondo Beach, US

Key dates

Filing date	May 30, 2008
Grant date	May 8, 2012
Priority date	—
Expiry date	Mar 9, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A security module identifies symbols within an executable file. The security module compares these identified symbols to a set of symbols expected to be present in a legitimate executable file. Based at least in part on an identified symbol not being within the set of expected symbols, the security module determines that the executable file poses a heightened security risk. In one embodiment, a remediation module takes an appropriate response to prevent potential malware exploits by the executable file.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.