METHOD AND SYSTEM FOR GENERATING MALWARE DEFINITIONS USING A COMPARISON OF NORMALIZED ASSEMBLY CODE
Number of patents in Portfolio can not be more than 2000
United States of America Patent
Stats
-
N/A
Issued Date -
Dec 17, 2009
app pub date -
Jun 11, 2008
filing date -
Jun 11, 2008
priority date (Note) -
Abandoned
status (Latency Note)
Importance
Abstract
A system and method for generating malware definitions for use in managing malware on a computer is described. One embodiment comprises receipt of a binary file running in system memory; taking a memory dump of the binary file at a time slice and storing the memory dump in a memory dump file; applying a normalization process to the memory dump file, wherein the normalization process alters a collection of data from the memory dump file, resulting in a normalized file; applying a comparison process between the normalized file and each of a plurality of normalized files stored in a database of malware definitions wherein the comparison process produces a comparison value associated with each of the normalized files in the database of malware definitions; and inserting the normalized file into the database of malware definitions, when each of the comparison values satisfies a predetermined criterion.
First Claim
Family
International Classification(s)
Cited Art Landscape
Patent Citation Ranking
Recipient Email Address
Recipient Email Address
Comment
Recipient Email Address
Add to Portfolio(s)
To add this patent to one, or more, of your portfolios, simply click the add button.
This Patent is in these Portfolios:
Add to additional portfolios:
Last Refreshed On:
Changes done successfully