发明名称 |
System and Method for Detecting Unknown Malware |
摘要 |
The present disclosure relates generally to the field of computer security and, in particular, to systems for detecting unknown malware. A method comprises generating genes for known malicious and dean objects; analyzing object genes using different malware analysis methods; computing a level of successful detection of malicious objects by one or a combination of malware analysis methods based on analysis of genes of the known malicious objects; computing a level of false positive detections of malicious objects by one or a combination of malware analysis methods based on analysis of genes of known clean objects; measuring effectiveness of each one or the combination of malware analysis methods as a function of the level of successful detections and the level of fake positive detections; and selecting one or a combination of the most effective malware analysis methods for analyzing unknown object for malware.
|
申请公布号 |
US2012174227(A1) |
申请公布日期 |
2012.07.05 |
申请号 |
US201113190601 |
申请日期 |
2011.07.26 |
申请人 |
MASHEVSKY YURY V.;VASILENKO ROMAN S.;KASPERSKY LAB ZAO |
发明人 |
MASHEVSKY YURY V.;VASILENKO ROMAN S. |
分类号 |
G06F11/00;G06F21/56 |
主分类号 |
G06F11/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|