The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Feb. 11, 2020
Filed:
Jul. 10, 2017
Sichuan University, Chengdu, Sichuan, CN;
Beijing Tongtech Co., Ltd., Beijing, CN;
Junfeng Wang, Chengdu, CN;
Baoxin Xu, Beijing, CN;
Dong Liu, Chengdu, CN;
Fan Li, Chengdu, CN;
Xiaosong Zhang, Chengdu, CN;
SICHUAN UNIVERSITY, Sichuan, CN;
Beijing Tongtech Co., LTD., Beijing, CN;
Abstract
A method of detecting malware on the Linux platform through the following steps: use the objdump -D command to disassemble ELF-format benign software and malware samples to generate assembly files; traverse the generated assembly files one by one, read each ELF file's code segment and meanwhile identify whether the code segment contains a main() function; analyze the code segment read and divide the assembly code into basic blocks, each basic block being marked by its lowest address; add the control flow graph's vertices to the adjacency linked list; establish the relations between basic blocks, add the control flow graph's edges to the adjacency linked list and generate a basic control flow graph; extract the control flow graph's features and write them into ARFF files; take the ARFF files as the data set for the machine learning tool Weka to carry out data mining and construct a classifier; classify the ELF samples to be tested by using the classifier.
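
An added sketch of the pipeline the abstract outlines (not code from the patent or its authors): it parses a constructed `objdump -D` style listing, splits it into basic blocks named by their lowest address, builds the adjacency list and emits an ARFF row. The x86-64 AT&T syntax, the four features and all function names are assumptions; the abstract does not specify them.

```python
import re

# Constructed listing in the tab-separated layout of `objdump -D` (not a real sample).
SAMPLE = """\
0000000000001000 <main>:
    1000:\t55                   \tpush   %rbp
    1001:\t83 ff 01             \tcmp    $0x1,%edi
    1004:\t7e 07                \tjle    100d <main+0xd>
    1006:\tb8 01 00 00 00       \tmov    $0x1,%eax
    100b:\teb 05                \tjmp    1012 <main+0x12>
    100d:\tb8 00 00 00 00       \tmov    $0x0,%eax
    1012:\t5d                   \tpop    %rbp
    1013:\tc3                   \tretq
"""

def parse(text):
    """Return ([(addr, mnemonic, direct_target_or_None)], has_main)."""
    insns = []
    for line in text.splitlines():
        parts = line.split("\t")
        if len(parts) == 3 and parts[0].strip().endswith(":"):
            mnem, _, ops = parts[2].strip().partition(" ")
            tgt = re.match(r"\s*([0-9a-f]+) <", ops)  # e.g. "100d <main+0xd>"
            insns.append((int(parts[0].strip(" :"), 16), mnem, tgt and int(tgt.group(1), 16)))
    return insns, bool(re.search(r"^[0-9a-f]+ <main>:$", text, re.M))

def build_cfg(insns):
    """Adjacency list {block: [successors]}; each block is named by its lowest address."""
    addrs = [a for a, _, _ in insns]
    nxt, leaders = dict(zip(addrs, addrs[1:])), {addrs[0]}
    for a, m, tgt in insns:  # pass 1: vertices = instructions that start a basic block
        if m.startswith(("j", "ret")):
            leaders |= {nxt.get(a), tgt if m[0] == "j" else None} & set(addrs)
    cfg, cur = {b: set() for b in sorted(leaders)}, None
    for a, m, tgt in insns:  # pass 2: edges = branch targets and fall-through
        cur = a if a in leaders else cur
        succ = {tgt} if m[0] == "j" else set()
        if not m.startswith(("jmp", "ret")):
            succ.add(nxt.get(a))
        cfg[cur] |= succ & leaders
    return {b: sorted(s) for b, s in cfg.items()}

def features(cfg):  # assumed feature set; the abstract does not list the features
    n, e = len(cfg), sum(len(s) for s in cfg.values())
    return {"nodes": n, "edges": e, "max_out": max(map(len, cfg.values())), "cyclomatic": e - n + 2}

def arff(rows):  # rows: [(feature_dict, label)] -> ARFF text
    names = list(rows[0][0])
    head = [f"@attribute {n} numeric" for n in names] + ["@attribute class {benign,malware}", "@data"]
    return "\n".join(["@relation elf_cfg"] + head + [",".join(str(f[n]) for n in names) + f",{c}" for f, c in rows])
```

Indirect branches and calls contribute no edges in this sketch, so the graph is an intra-procedural approximation of the listing.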