The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Aug. 06, 2013
Filed:
May 20, 2011
Yi-ta Chiang, Hsinchu County, TW;
Ying-dar Lin, Taipei, TW;
Yu-sung Wu, Hsinchu, TW;
Yuan-cheng Lai, Hsinchu, TW;
Yi-Ta Chiang, Hsinchu County, TW;
Ying-Dar Lin, Taipei, TW;
Yu-Sung Wu, Hsinchu, TW;
Yuan-Cheng Lai, Hsinchu, TW;
National Chiao Tung University, Hsinchu, TW;
Abstract
A machine-implemented method for determining whether a to-be-analyzed software is a known malware or a variant of the known malware includes the steps of: (A) configuring a processor to execute the to-be-analyzed software, and obtain a to-be-analyzed system call sequence that corresponds to the to-be-analyzed software with reference to a plurality of system calls made in sequence as a result of executing the to-be-analyzed software; (B) configuring the processor to determine a degree of similarity between the to-be-analyzed system call sequence and a reference system call sequence that corresponds to the known malware; and (C) configuring the processor to determine that the to-be-analyzed software is neither the known malware nor a variant of the known malware when the degree of similarity determined in step (B) is not greater than a predefined similarity threshold value.
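Steps (B) and (C) of the abstract, sketched as an added example that is not taken from the patent: the abstract does not name a similarity measure, so the normalized longest-common-subsequence score used here is an assumption, as are the threshold value and the constructed system call traces.

```python
from typing import Sequence


def lcs_length(a: Sequence[str], b: Sequence[str]) -> int:
    """Length of the longest common subsequence of two call sequences."""
    prev = [0] * (len(b) + 1)
    for x in a:
        cur = [0]
        for j, y in enumerate(b, 1):
            # Extend the match on equal calls, otherwise carry the best so far.
            cur.append(prev[j - 1] + 1 if x == y else max(prev[j], cur[j - 1]))
        prev = cur
    return prev[-1]


def similarity(candidate: Sequence[str], reference: Sequence[str]) -> float:
    """Step (B): degree of similarity in [0, 1] (assumed measure: 2*LCS / total length)."""
    if not candidate or not reference:
        return 0.0  # an empty trace shares nothing with the reference
    return 2 * lcs_length(candidate, reference) / (len(candidate) + len(reference))


def ruled_out(candidate: Sequence[str], reference: Sequence[str], threshold: float) -> bool:
    """Step (C): neither the known malware nor a variant when the
    similarity is NOT greater than the threshold (equality is ruled out too)."""
    return similarity(candidate, reference) <= threshold


# Constructed traces for illustration only; real traces come from step (A),
# i.e. recording the system calls made while the sample executes.
REFERENCE = ["open", "read", "socket", "connect", "send", "unlink"]
VARIANT = ["open", "read", "getpid", "socket", "connect", "send", "close", "unlink"]
BENIGN = ["open", "fstat", "read", "write", "close"]
THRESHOLD = 0.7  # assumed value, not from the patent

if __name__ == "__main__":
    for name, trace in (("variant", VARIANT), ("benign", BENIGN)):
        score = similarity(trace, REFERENCE)
        verdict = "ruled out" if ruled_out(trace, REFERENCE, THRESHOLD) else "not ruled out"
        print(f"{name}: similarity={score:.3f} -> {verdict}")
```

Inserted calls such as `getpid` and `close` lower the score only slightly because a subsequence match tolerates gaps, which is why a variant with padding still scores above the threshold while an unrelated trace does not.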