The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge also contains a link to the full patent document (in Adobe Acrobat format, i.e. PDF).

Date of Patent: Aug. 07, 2018

Filed: Jan. 16, 2015

Applicant: Microsoft Technology Licensing, LLC, Redmond, WA (US)

Inventors: Benjamin Livshits, Kirkland, WA (US); Benjamin G. Zorn, Woodinville, WA (US); Benjamin Stock, Erlangen, DE

Assignee:
Attorney:
Primary Examiner:
Int. Cl.
CPC ...
G06F 11/00 (2006.01); G06F 12/14 (2006.01); G06F 12/16 (2006.01); G08B 23/00 (2006.01); H04L 29/06 (2006.01); G06F 21/56 (2013.01); G06F 17/30 (2006.01);
U.S. Cl.
CPC ...
H04L 63/145 (2013.01); G06F 17/30598 (2013.01); G06F 21/56 (2013.01); G06F 21/563 (2013.01); G06F 2221/2125 (2013.01);
Abstract

Disclosed herein are systems and methods for detecting script code malware and generating signatures. A plurality of script code samples are received and transformed into a plurality of tokenized samples. The tokenized samples are based on syntactical elements of the plurality of script code samples. One or more clusters of samples are determined based on similarities in different ones of the plurality of tokenized samples, and known malicious code having a threshold similarity to a representative sample of the cluster of samples is identified. Based on the identifying, the cluster of samples is identified as malicious. Based at least on respective ones of the plurality of tokenized samples associated with the cluster of samples, a generalized code signature usable to identify the script code samples in the cluster of samples is generated.

