Electronic crime detection and tracking

Assignee

• FireEye, Inc. · US

Inventors

• John P. Watters · Dallas, US
• Jonathan Couch · Kingswood, GB
• Sam Stover · Orrtanna, US
• Michael Weinberger · Brugg, CH
• Frederick Doyle · Albuquerque, US
• Gregory MacManus · Centreville, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/563
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system for electronic crime reduction is provided, comprising a computer system, a database, a malware de-compiler, a malware parser, and an inference engine. The database contains information that associates electronic crime attack signature data with at least one of an individual, a group, and a location. The malware de-compiler, when executed on the computer system, translates a first malware executable to an assembly language version. The first malware is associated with an electronic crime that has been committed. The malware parser, when executed on the computer system, analyzes the assembly language version to identify distinctive coding preferences used to develop the first malware. The inference engine, when executed on the computer system, analyzes the distinctive coding preferences identified by the malware parser application in combination with searching the database to identify one of an individual, a group, and a location associated with the electronic crime.