Proactively analyzing binary files from suspicious sources
US8370942B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 12, 2009 |
| Grant date | Feb 5, 2013 |
| Priority date | — |
| Expiry date | Sep 22, 2030 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/145
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A malware source analysis component determines which sources of malware are sufficiently suspicious such that all binary files located thereon should be analyzed. In order to make such determinations, the malware source analysis component receives information concerning malware infections from a plurality of sources. The malware source analysis component analyzes the received information, and determines suspiciousness levels associated with specific sources. Responsive to identifying a given threshold suspiciousness level associated with a source, the malware source analysis component adjudicates that source to be suspicious. Where a source is adjudicated to be suspicious, the malware source analysis component submits submission instructions to that source, directing it to identify binary files thereon and submit them to be analyzed. The malware source analysis component receives binary files from suspicious sources according to the submission instructions, and analyzes the received binary files.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.