The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jun. 04, 2019
Filed:
Sep. 23, 2016
Emc Ip Holding Company Llc, Hopkinton, MA (US);
Erik M. Heuser, Manassas, VA (US);
EMC IP Holding Company LLC, Hopkinton, MA (US);
Abstract
Techniques are provided for retroactively identifying malware programs when new signatures become available that later match network traffic previously obtained from the sandbox environment. An exemplary method comprises obtaining a plurality of packet capture files comprising previously captured network communications of malware programs that previously executed in a sandbox environment, wherein each of the packet capture files are associated with a corresponding malware program that generated the network communications; obtaining signatures indicative of at least one malware program; comparing the signatures to the packet capture files; and retroactively identifying a given malware program as malware if a signature matches a given packet capture file associated with the given malware program. A plurality of malware samples that were previously unidentified are optionally correlated with the given malware program based on a scan of additional packet capture files for the signature that matched the given packet capture file.