Patent · US Active

Systems and methods for detecting malware using file clustering

US9185119B1 · kind B1 · utility

Cited by: 16
References: 3
Claims: 17
Family size: 0

Assignee

Inventors

Key dates

Filing date: May 8, 2014
Grant date: Nov 10, 2015
Priority date
Expiry date: May 8, 2034

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/14
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

The disclosed computer-implemented method for detecting malware using file clustering may include (1) identifying a file with an unknown reputation, (2) identifying at least one file with a known reputation that co-occurs with the unknown file, (3) identifying a malware classification assigned to the known file, (4) determining a probability that the unknown file is of the same classification as the known file, and (5) assigning, based on the probability that the unknown file is of the same classification as the known file, the classification of the known file to the unknown file. Various other methods, systems, and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.