Patent · US Active

Method and system for classification of software using characteristics and combinations of such characteristics

US8365286B2 · kind B2 · utility

376Cited by

21References

24Claims

0Family size

Assignee

Sophos PLC · GB

Inventor

Robert J. Poston · Felton, GB

Key dates

Filing date	Mar 30, 2009
Grant date	Jan 29, 2013
Priority date	—
Expiry date	Jun 8, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/563
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

In embodiments of the present invention improved capabilities are described for the steps of identifying a functional code block that performs a particular function within executable code; transforming the functional code block into a generic code representation of its functionality by tokenizing, refactoring, or the like, the functional code block; comparing the generic code representation with a previously characterized malicious code representation; and in response to a positive correlation from the comparison, identifying the executable code as containing malicious code.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.