Patent · US Active

Selecting malware signatures based on malware diversity

US8321942B1 · kind B1 · utility

24Cited by

2References

18Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Tzi-Cker Chiueh · Taipei, TW
Kent E. Griffin · Santa Monica, US
Scott Schneider · Waukesha, US
Xin Hu · White Plains, US

Key dates

Filing date	Mar 12, 2009
Grant date	Nov 27, 2012
Priority date	—
Expiry date	Oct 30, 2030

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/564
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A candidate signature for a known malware entity is selected for analysis. A set of malware entities that contain the candidate signature is identified. A diversity measurement for the candidate signature is determined. The diversity measurement describes the diversity of the set of malware entities that contain the candidate signature. A determination is made whether to use the candidate signature to identify the known malware entity based at least in part on the diversity measurement. Responsive to the determination, the candidate malware signature is stored as a signature for the known malware entity.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.