MACHINE-IMPLEMENTED METHOD AND SYSTEM FOR DETERMINING WHETHER A TO-BE-ANALYZED SOFTWARE IS A KNOWN MALWARE OR A VARIANT OF THE KNOWN MALWARE

Full metadata record

DC Field	Value	Language
dc.contributor.author	Chiang Yi-Ta	en_US
dc.contributor.author	Lin Ying-Dar	en_US
dc.contributor.author	Wu Yu-Sung	en_US
dc.contributor.author	Lai Yuan-Cheng	en_US
dc.date.accessioned	2014-12-16T06:15:13Z	-
dc.date.available	2014-12-16T06:15:13Z	-
dc.date.issued	2012-05-17	en_US
dc.identifier.govdoc	G06F011/00	zh_TW
dc.identifier.uri	http://hdl.handle.net/11536/105178	-
dc.description.abstract	A machine-implemented method for determining whether a to-be-analyzed software is a known malware or a variant of the known malware includes the steps of: (A) configuring a processor to execute the to-be-analyzed software, and obtain a to-be-analyzed system call sequence that corresponds to the to-be-analyzed software with reference to a plurality of system calls made in sequence as a result of executing the to-be-analyzed software; (B) configuring the processor to determine a degree of similarity between the to-be-analyzed system call sequence and a reference system call sequence that corresponds to the known malware; and (C) configuring the processor to determine that the to-be-analyzed software is neither the known malware nor a variant of the known malware when the degree of similarity determined in step (B) is not greater than a predefined similarity threshold value.	zh_TW
dc.language.iso	zh_TW	en_US
dc.title	MACHINE-IMPLEMENTED METHOD AND SYSTEM FOR DETERMINING WHETHER A TO-BE-ANALYZED SOFTWARE IS A KNOWN MALWARE OR A VARIANT OF THE KNOWN MALWARE	zh_TW
dc.type	Patents	en_US
dc.citation.patentcountry	USA	zh_TW
dc.citation.patentnumber	20120124667	zh_TW
Appears in Collections:	Patents

Files in This Item:

20120124667.pdf

If it is a zip file, please download the file and unzip it, then open index.html in a browser to view the full text content.