Title of invention: Systems and methods for managing malware signatures
Abstract: A computer-implemented method for managing malware signatures. The method may include maintaining a set of active malware signatures and maintaining a set of dormant malware signatures. The method may also include providing the set of active malware signatures for use in malware detection more frequently than the set of dormant malware signatures and determining that a first malware signature from the set of dormant malware signatures triggers one or more positive malware detection responses. The method may further include, in response to the determination, moving the first malware signature from the set of dormant malware signatures to the set of active malware signatures. Various other methods, systems, and computer-readable media are also disclosed.
Publication number: US9171156(B1)
Publication date: 2015.10.27
Application number: US201414492754
Filing date: 2014.09.22
Applicant: Symantec Corporation
Inventors: Bogorad Walter; Antonov Vadim
Classification: G06F21/56; H04L29/06
Main classification: G06F21/56
Agency: ALG Intellectual Property, LLC
Agent: ALG Intellectual Property, LLC
Principal claim: 1. A computer-implemented method for managing malware signatures, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: maintaining a set of active malware signatures; maintaining a set of dormant malware signatures, wherein each malware signature from the set of dormant malware signatures represents a malware threat that may be less prevalent in a community than each malware signature from the set of active malware signatures; providing the set of active malware signatures for use in malware detection more frequently than the set of dormant malware signatures by sending the set of active malware signatures to each of a set of clients to be stored at each of the set of clients for use by each of the set of clients in malware detection scans, wherein the set of dormant malware signatures is stored in a cloud-based environment that is accessible to the set of clients; determining that a threat associated with a first malware signature from the set of dormant malware signatures is becoming more prevalent in the community by determining that the first malware signature from the set of dormant malware signatures has triggered one or more positive malware detection responses; in response to the determination that the threat associated with the first malware signature from the set of dormant malware signatures is becoming more prevalent, moving the first malware signature from the set of dormant malware signatures to the set of active malware signatures.
Address: Mountain View CA US
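
The active/dormant scheme of claim 1, sketched as an added illustration that is not part of the patent record or the applicant's implementation. Signatures are modelled as plain strings, and the class names, method names and the `promote_after` threshold are assumptions made for the example.

```python
from dataclasses import dataclass, field

@dataclass
class SignatureManager:
    """Server side: the active set is pushed to clients, the dormant set stays in the cloud."""
    active: set
    dormant: set
    promote_after: int = 1          # assumed threshold; the claim says "one or more"
    hits: dict = field(default_factory=dict)

    def client_update(self) -> frozenset:
        # Only active signatures are distributed for local storage.
        return frozenset(self.active)

    def cloud_lookup(self, sig: str) -> bool:
        if sig in self.active:      # covers clients that have not synced since a promotion
            return True
        if sig not in self.dormant:
            return False
        # A positive response on a dormant signature counts as a prevalence signal.
        self.hits[sig] = self.hits.get(sig, 0) + 1
        if self.hits[sig] >= self.promote_after:
            self.dormant.discard(sig)
            self.active.add(sig)    # reaches clients on their next sync
        return True

class Client:
    def __init__(self, manager: SignatureManager):
        self.manager, self.local = manager, set()

    def sync(self) -> None:
        self.local = set(self.manager.client_update())

    def scan(self, sig: str):
        # Local match first; fall back to the cloud-held signatures.
        if sig in self.local:
            return "local"
        return "cloud" if self.manager.cloud_lookup(sig) else None

def demo():
    # Constructed sample signatures, not real indicators.
    mgr = SignatureManager({"sig-common"}, {"sig-rare"}, promote_after=2)
    a, b = Client(mgr), Client(mgr)
    a.sync(); b.sync()
    first = a.scan("sig-rare")      # dormant hit 1, served from the cloud
    second = b.scan("sig-rare")     # dormant hit 2, triggers promotion
    a.sync()
    third = a.scan("sig-rare")      # now matched from the local active set
    return first, second, third, sorted(mgr.active), sorted(mgr.dormant)
```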