Patent · US Active

Systems and methods for using reputation data to detect packed malware

US8336100B1 · kind B1 · utility

17Cited by

6References

20Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Adam Glick · Culver City, US
Nicholas Graf · Austin, US
Spencer Smith · El Segundo, US

Key dates

Filing date	Aug 21, 2009
Grant date	Dec 18, 2012
Priority date	—
Expiry date	Mar 1, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/577
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A computer-implemented method for using reputation data to detect packed malware may include: 1) identifying a file downloaded from a portal, 2) determining that the file has been packed, 3) obtaining community-based reputation data for the file, 4) determining, by analyzing the reputation data, that instances of the file have been encountered infrequently (or have never been encountered) within the community, and then 5) performing a security operation on the file (by, for example, quarantining or deleting the file).

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.