System and methods for detecting harmful files of different formats
US9015814B1 · kind B1 · utility
Inventors
Key dates
| Filing date | Jun 10, 2014 |
| Grant date | Apr 21, 2015 |
| Priority date | — |
| Expiry date | Jun 10, 2034 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/033
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
Disclosed are systems, methods and computer program products for detection of harmful files of different formats. An example method includes determining a suspicious file and a file format of the suspicious file; analyzing the suspicious file by an antivirus software to determine whether the suspicious file is clean or harmful; when the suspicious file is determined to be harmful by the antivirus software, generating a signature of the suspicious file and updating a collection of harmful files with the signature of the suspicious file; and when the suspicious file is not determined to be clean or harmful by the antivirus software, selecting, based on at least the file format of the suspicious file, a configuration of a virtual machine for analysis of the suspicious file, and analyzing the suspicious file by the virtual machine with selected configuration to determine whether the suspicious file is clean or harmful.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.