完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.author | Chiang Yi-Ta | en_US |
dc.contributor.author | Lin Ying-Dar | en_US |
dc.contributor.author | Wu Yu-Sung | en_US |
dc.contributor.author | Lai Yuan-Cheng | en_US |
dc.date.accessioned | 2014-12-16T06:15:13Z | - |
dc.date.available | 2014-12-16T06:15:13Z | - |
dc.date.issued | 2012-05-17 | en_US |
dc.identifier.govdoc | G06F011/00 | zh_TW |
dc.identifier.uri | http://hdl.handle.net/11536/105178 | - |
dc.description.abstract | A machine-implemented method for determining whether a to-be-analyzed software is a known malware or a variant of the known malware includes the steps of: (A) configuring a processor to execute the to-be-analyzed software, and obtain a to-be-analyzed system call sequence that corresponds to the to-be-analyzed software with reference to a plurality of system calls made in sequence as a result of executing the to-be-analyzed software; (B) configuring the processor to determine a degree of similarity between the to-be-analyzed system call sequence and a reference system call sequence that corresponds to the known malware; and (C) configuring the processor to determine that the to-be-analyzed software is neither the known malware nor a variant of the known malware when the degree of similarity determined in step (B) is not greater than a predefined similarity threshold value. | zh_TW |
dc.language.iso | zh_TW | en_US |
dc.title | MACHINE-IMPLEMENTED METHOD AND SYSTEM FOR DETERMINING WHETHER A TO-BE-ANALYZED SOFTWARE IS A KNOWN MALWARE OR A VARIANT OF THE KNOWN MALWARE | zh_TW |
dc.type | Patents | en_US |
dc.citation.patentcountry | USA | zh_TW |
dc.citation.patentnumber | 20120124667 | zh_TW |
顯示於類別: | 專利資料 |