Patent · US Active

Graph-based malware classification based on file relationships

US8799190B2 · kind B2 · utility

32Cited by

1References

18Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Jack Wilson Stokes, III · North Bend, US
Nikos Karampatziakis · Ithaca, US
John C. Platt · Redmond, US
Anil Thomas · Redmond, US
Adrian Marinescu · Sammamish, US

Key dates

Filing date	Jun 17, 2011
Grant date	Aug 5, 2014
Priority date	—
Expiry date	Aug 19, 2032

Classification

Technology area (CPC Y)Emerging Cross-Sectional Technologies
CPC primaryY10S707/952
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A reliable automated malware classification approach with substantially low false positive rates is provided. Graph-based local and/or global file relationships are used to improve malware classification along with a feature selection algorithm. File relationships such as containing, creating, copying, downloading, modifying, etc. are used to assign malware probabilities and simultaneously reduce the false positive and false negative rates on executable files.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.