Patent · US Active

Methods and systems for identifying potential enterprise software threats based on visual and non-visual data

US9197663B1 · kind B1 · utility

23Cited by

3References

25Claims

0Family size

Assignee

Bit9, Inc. · US

Inventors

Mark Gilbert · San Francisco, US
Jeffrey J. Guy · Austin, US

Key dates

Filing date	Jan 29, 2015
Grant date	Nov 24, 2015
Priority date	—
Expiry date	Jan 29, 2035

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.