Patent · US Active

Methods and systems for detecting malware

US8181251B2 · kind B2 · utility

27Cited by

1References

16Claims

0Family size

Assignee

Symantec Corporation · US

Inventor

Mark Kennedy · Redondo Beach, US

Key dates

Filing date	Dec 18, 2008
Grant date	May 15, 2012
Priority date	—
Expiry date	Jul 29, 2030

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2101
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for detecting malware is disclosed. The method may include examining a plurality of metadata fields of a plurality of known-clean-executable files. The method may also include examining a plurality of metadata fields of a plurality of known-malicious-executable files. The method may further include deducing, based on information obtained from examining the plurality of metadata fields of the plurality of known-clean- and known-malicious-executable files, metadata-field attributes indicative of malware. Corresponding systems and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.