首页>
外国专利>
Classifying software modules based on comparisons using a neighborhood distance metric
Classifying software modules based on comparisons using a neighborhood distance metric
展开▼
机译:使用邻域距离度量基于比较对软件模块进行分类
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method comprises obtaining at least a first software module not classified as benign or potentially malicious, extracting a set of features associated with the first software module, the set of features comprising static features, behavior features and context features, identifying a first cluster comprising one or more known software modules previously classified as benign, computing distance metrics between the extracted feature set of the first software module and feature sets of respective ones of the known software modules in the first cluster, classifying the first software module as one of benign and potentially malicious based on a comparison between the computed distance metrics and a neighborhood distance metric based on distances between feature sets of the known software modules in the first cluster, and modifying access by a given client device to the first software module responsive to classifying the first software module as potentially malicious.
展开▼