首页>
外国专利>
SYSTEMS AND METHODS FOR AUTOMATED GENERATION OF GENERIC SIGNATURES USED TO DETECT POLYMORPHIC MALWARE
SYSTEMS AND METHODS FOR AUTOMATED GENERATION OF GENERIC SIGNATURES USED TO DETECT POLYMORPHIC MALWARE
展开▼
机译:自动生成用于检测多态恶意软件的通用签名的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
The disclosed computer-implemented method for automated generation of generic signatures used to detect polymorphic malware may include (1) clustering a set of polymorphic file samples that share a set of static attributes in common with one another, (2) computing a distance of the polymorphic file samples from a centroid that represents a reference data point with respect to the set of polymorphic file samples, (3) determining that the distance of the polymorphic file samples from the centroid is below a certain threshold, and then upon determining that the distance is below the certain threshold, (4) identifying, within the set of static attributes shared in common by the polymorphic file samples, a subset of static attributes whose values are identical across all of the polymorphic file samples and (5) generating a generic file-classification signature from the subset of static attributes. Various other methods, systems, and computer-readable media are also disclosed.
展开▼