Title of invention Malware detection system and method for compressed data on mobile platforms
Abstract A system and method for detecting malware in compressed data. The system and method identify a set of search strings extracted from compressed executables, each of which is infected with malware from a family of malware. The search strings detect the presence of the family of malware in other compressed executables, fragments of compressed executables, or data streams.
Publication number US9009818(B2) Publication date 2015.04.14
Application number US200711697658 Filing date 2007.04.06
Applicant Pulse Secure, LLC Inventors Tuvell George;Venugopal Deepak
Classification G06F21/00;G06F21/56;H04L29/06;H04W12/12;H04W12/10 Main classification G06F21/00
Agency Shumaker & Sieffert, P.A. Agent Shumaker & Sieffert, P.A.
Main claim 1. A method of developing search strings for detecting malware in compressed data, the method comprising: selecting a plurality of malware-infected executables infected with a family of malware, wherein each of the plurality of malware-infected executables comprises a respective compressed code portion; extracting a plurality of candidate strings from the compressed code portions of the plurality of malware-infected executables; identifying, by a computing device, at least one of the plurality of candidate strings that is present in each of the plurality of malware-infected executables as a search string common to the compressed code portions of the plurality of malware-infected executables; and storing the search string common to the plurality of malware-infected executables to a mobile device to cause the mobile device to determine whether target applications including compressed code portions are infected with malware based at least in part on the search string.
Address San Jose CA US