Method and apparatus for classifying reputation of files on a computer network
Method, apparatus, and computer readable medium for classifying a file of interest in a computer network is described. File statistics are received over the network for a plurality of users and a plurality of files. The file statistics are processed to identify: (i) a set of users that received the...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | Method, apparatus, and computer readable medium for classifying a file of interest in a computer network is described. File statistics are received over the network for a plurality of users and a plurality of files. The file statistics are processed to identify: (i) a set of users that received the file of interest; (ii) a group of shared files each of which was received by at least two users; and (iii) numbers of infected files received by respective users. An average ratio of a number of infected files to a total number of files in the group of shared files is computed using a Monte Carlo process constrained by: (i) indications of which users in received which files; and (ii) the numbers of infected files received by the respective users. A probability of infection is assigned to the file of interest based on the average ratio. |
|---|