標題: Machine-implemented method and system for determining whether a to-be-analyzed software is a known malware or a variant of the known malware
作者: Chiang Yi-Ta
Lin Ying-Dar
Wu Yu-Sung
Lai Yuan-Cheng
公開日期: 6-八月-2013
摘要: A machine-implemented method for determining whether a to-be-analyzed software is a known malware or a variant of the known malware includes the steps of: (A) configuring a processor to execute the to-be-analyzed software, and obtain a to-be-analyzed system call sequence that corresponds to the to-be-analyzed software with reference to a plurality of system calls made in sequence as a result of executing the to-be-analyzed software; (B) configuring the processor to determine a degree of similarity between the to-be-analyzed system call sequence and a reference system call sequence that corresponds to the known malware; and (C) configuring the processor to determine that the to-be-analyzed software is neither the known malware nor a variant of the known malware when the degree of similarity determined in step (B) is not greater than a predefined similarity threshold value.
官方說明文件#: G06F011/00
G06F007/04
G08B023/00
G06F017/30
URI: http://hdl.handle.net/11536/104455
專利國: USA
專利號碼: 08505099
顯示於類別:專利資料


文件中的檔案:

  1. 08505099.pdf

若為 zip 檔案,請下載檔案解壓縮後,用瀏覽器開啟資料夾中的 index.html 瀏覽全文。