| 標題: | Machine-implemented method and system for determining whether a to-be-analyzed software is a known malware or a variant of the known malware |
| 作者: | Chiang Yi-Ta Lin Ying-Dar Wu Yu-Sung Lai Yuan-Cheng |
| 公開日期: | 6-八月-2013 |
| 摘要: | A machine-implemented method for determining whether a to-be-analyzed software is a known malware or a variant of the known malware includes the steps of: (A) configuring a processor to execute the to-be-analyzed software, and obtain a to-be-analyzed system call sequence that corresponds to the to-be-analyzed software with reference to a plurality of system calls made in sequence as a result of executing the to-be-analyzed software; (B) configuring the processor to determine a degree of similarity between the to-be-analyzed system call sequence and a reference system call sequence that corresponds to the known malware; and (C) configuring the processor to determine that the to-be-analyzed software is neither the known malware nor a variant of the known malware when the degree of similarity determined in step (B) is not greater than a predefined similarity threshold value. |
| 官方說明文件#: | G06F011/00 G06F007/04 G08B023/00 G06F017/30 |
| URI: | http://hdl.handle.net/11536/104455 |
| 專利國: | USA |
| 專利號碼: | 08505099 |
| 顯示於類別: | 專利資料 |
文件中的檔案:
若為 zip 檔案,請下載檔案解壓縮後,用瀏覽器開啟資料夾中的 index.html 瀏覽全文。
- MACHINE-IMPLEMENTED METHOD AND SYSTEM FOR DETERMINING WHETHER A TO-BE-ANALYZED SOFTWARE IS A KNOWN MALWARE OR A VARIANT OF THE KNOWN MALWARE / Chiang Yi-Ta;Lin Ying-Dar;Wu Yu-Sung;Lai Yuan-Cheng
- 利用三階段行為分析來偵測和分類已知與未知的惡意程式 / 徐鵬凱;Hsu, Peng-Kai;林盈達;Lin, Ying-Dar
- Can Malware Be Exterminated by Better Understanding Its Roots? / Cho, Michael Cheng Yi;Hsu, Chia-Wei;Shieh, Shiuhpyng;Wang, Chi-Wei
- Active versus Passive Malware Collection / Lin, Ying-Dar;Lee, Chia-Yin;Wu, Yu-Sung;Ho, Pei-Hsiu;Wang, Fu-Yu
- Three-phase behavior-based detection and classification of known and unknown malware / Lin, Ying-Dar;Lai, Yuan-Cheng;Lu, Chun-Nan;Hsu, Peng-Kai;Lee, Chia-Yin
Loading...