Detecting malware using stored patterns

In one embodiment, a method includes identifying a plurality of portions of a file and comparing the plurality of portions of the file to a plurality of stored patterns. The plurality of stored patterns include portions of known malware. The method also includes determining, from the plurality of po...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: MONTY D MCDOUGAL, MATTHEW RICHARD, RANDY S JENNINGS, JESSE J LEE, WILLIAM E STERNS
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In one embodiment, a method includes identifying a plurality of portions of a file and comparing the plurality of portions of the file to a plurality of stored patterns. The plurality of stored patterns include portions of known malware. The method also includes determining, from the plurality of portions of the file and based on the comparing of the plurality of portions of the file to the plurality of stored patterns, a set of matching portions. The set of matching portions include one or more of the plurality of portions of the file. In addition, the method includes determining a score for each portion in the set of matching portions and providing information regarding the set of matching portions. The information includes the scores determined for each portion of the set of matching portions.