Patent · US Active

Systems and methods for library function identification in automatic malware signature generation

US8881287B1 · kind B1 · utility

6Cited by

5References

20Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Kent E. Griffin · Santa Monica, US
Xin Hu · White Plains, US
Tzi-Cker Chiueh · Taipei, TW
Scott Schneider · Waukesha, US

Key dates

Filing date	Mar 20, 2009
Grant date	Nov 4, 2014
Priority date	—
Expiry date	Nov 28, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/145
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A computer-implemented method for facilitating automatic malware signature generation may comprise disassembling a malware program, identifying one or more byte sequences within the disassembled malware program that have a likelihood of being representative of one or more library functions contained within the malware program, and preventing the one or more byte sequences from being included within one or more malware signatures. Corresponding systems and computer-readable storage media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.