Patent · US Active

Systems and methods for identifying variants of samples based on similarity analysis

US9571509B1 · kind B1 · utility

Cited by: 334
References: 6
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jun 25, 2014
Grant date: Feb 14, 2017
Priority date
Expiry date: Sep 3, 2034

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/102
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A computer-implemented method for identifying variants of samples based on similarity analysis may include (1) collecting, from security agents on endpoint computing systems, metadata attributes that describe samples identified by the security agents over an initial period of time, (2) collecting metadata attributes that describe a current sample identified after the initial period of time, (3) comparing at least two of the metadata attributes that describe the current sample with corresponding metadata attributes of the samples identified over the initial period of time, (4) designating the current sample as related to another sample from the samples identified over the initial period of time based on the comparison of the two metadata attributes, and (5) performing a security action to protect a user from malware based on the designation of the current sample as related to the other sample. Various other methods, systems, and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.