Title of invention |
AUTOMATED IDENTIFICATION AND REVERSE ENGINEERING OF MALWARE |
Abstract |
An automated malware identification and reverse engineering tool is provided. Subroutine categories may be learned by machine learning. A program may then be reverse-engineered and classified, and subroutines that are potentially indicative of malware may be identified. These subroutines may be reviewed by a reverse engineer to determine whether the program is malware in a more directed and efficient manner. |
Application publication number |
US2016306971(A1) |
Application publication date |
2016.10.20 |
Application number |
US201615098422 |
Application date |
2016.04.14 |
Applicant |
Los Alamos National Security, LLC |
Inventors |
Anderson Blake;Storlie Curtis;Sexton Joseph |
Classification numbers |
G06F21/56;G06N7/00;G06N99/00 |
Main classification number |
G06F21/56 |
Agency |
|
Agent |
|
Principal claim |
1. A computer-implemented method, comprising:
automatically labeling each subroutine in a program, by a computing system, in a function call graph; applying a probabilistic approach, by the computing system, to identify at least one subroutine as potentially indicative of malware; and providing an indication of the at least one identified subroutine, by the computing system, to an analyst for further analysis. |
Address |
Los Alamos NM US |