| 发明名称 | Systems and methods for performing security scans | ||
| 摘要 | A computer-implemented method for performing security scans may include 1) generating a first hash of a first file, 2) performing a first security scan on the first file, 3) storing the first hash to indicate a result of the first security scan of the first file, 4) identifying a second file and generating a second hash of the second file, 5) determining that the second hash of the second file is equivalent to the first hash of the first file and, in response, determining that the result of the first security scan of the first file applies to the second file, 6) identifying a third file and determining that the third file is volatile, and 7) performing a second security scan on the third file instead of generating a third hash of the third file. Various other methods, systems, and computer-readable media are also disclosed. | ||
| 申请公布号 | US8806625(B1) | 申请公布日期 | 2014.08.12 |
| 申请号 | US201213633867 | 申请日期 | 2012.10.02 |
| 申请人 | Symantec Corporation | 发明人 | Berger Henry |
| 分类号 | G06F11/00 | 主分类号 | G06F11/00 |
| 代理机构 | ALG Intellectual Property, LLC | 代理人 | ALG Intellectual Property, LLC |
| 主权项 | 1. A computer-implemented method for performing security scans, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: generating a first hash of a first file within a set of files that are subject to security scanning; performing a first security scan on the first file; storing the first hash to indicate a result of the first security scan of the first file; identifying a second file within the set of files and generating a second hash of the second file; determining that the second hash of the second file is equivalent to the first hash of the first file and, in response, determining that the result of the first security scan of the first file applies to the second file; identifying a third file within the set of files and determining that the third file is volatile and therefore less likely to match another file within the set of files, wherein determining that the third file is volatile comprises: identifying a prior hash indicator that indicates that a prior hash for the third file has previously been generated; identifying a current hash indicator that indicates that no valid current hash for the third file is available; wherein when it is determined that the prior hash indicator indicates that a prior hash has been previously generated and that the current hash indicator indicates that no valid current hash is available, determining that the third file has previously changed; performing a second security scan on the third file instead of generating a third hash of the third file in response to determining that the third file is volatile. | ||
| 地址 | Mountain View CA US | ||