Apparatus and methods for remote classification of unknown malware
US8769683B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 7, 2009 |
| Grant date | Jul 1, 2014 |
| Priority date | — |
| Expiry date | Feb 9, 2032 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/145
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
One embodiment relates to an apparatus for remote classification of malware. Computer-readable code is configured to be executed by the processor so as to receive a locality-sensitive hash (LSH) value associated with a file from a host computer via the network interface, determine whether the LSH value associated with the file is similar to a LSH value in an entry in an LSH data structure, and indicate that the file is a variant of known malware associated with the entry if the LSH value associated with the file is similar to the LSH value in the entry. Another embodiment relates to a method for remote classification of malware. Another embodiment relates to an apparatus configured to determine whether a file includes malware. Another embodiment relates to a method for detecting malware within an institutional network. Other embodiments, aspects and features are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.