Patent · US Active

Systems and methods for byte-level context diversity-based automatic malware signature generation

US8291497B1 · kind B1 · utility

36Cited by

30References

20Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Kent E. Griffin · Santa Monica, US
Tzi-Cker Chiueh · Taipei, TW
Scott Schneider · Waukesha, US

Key dates

Filing date	Mar 20, 2009
Grant date	Oct 16, 2012
Priority date	—
Expiry date	Feb 24, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/564
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A computer-implemented method for facilitating automatic malware signature generation may comprise providing a byte sequence marked for possible inclusion within one or more malware signatures, determining a context diversity of the byte sequence within malware files each containing the byte sequence in accordance with a diversity-based heuristic, and preventing the byte sequence from being included within the one or more malware signatures in accordance with the determined context diversity. Corresponding systems and computer-readable storage media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.