Title:
SYSTEM, METHOD AND APPARATUS FOR MALICIOUS SOFTWARE DETECTION
Document Type and Number:
WIPO Patent Application WO/2022/100489
Kind Code:
A1
Abstract:
The disclosed systems and methods are directed to a method for malicious software detection comprising: recognizing and extracting an EP section in an unrecognized PE file, collecting bytes in the EP section of the unrecognized PE file, converting the bytes to an array of integers, generating one or more n-grams from the array of integers, converting the one or more n-grams into b-MinHash, converting the bytes inan EP function included in the EP section to an array of assembly-based mnemonics; generating one or more n-grams from the array of assembly-based mnemonics and converting the one or more n-grams from the array of assembly-based mnemonics into a-MinHash, generating a similarity matrices, converting, the similarity matrices into a lower dimensionality code representation, and classifying the code as a PE benign or a malware file.
More Like This:
WO/2021/107177 | METHOD AND SYSTEM FOR BLOCKING RANSOMWARE OR PHISHING ATTACKS |
WO/2017/086837 | METHOD FOR DETECTING MALICIOUS PROGRAMS AND ELEMENTS |
WO/2015/005736 | CLIENT SYSTEM AND METHOD OF OPERATING CLIENT SYSTEM |
Inventors:
ABU ALHAOL IBRAHIM YAKUB (CA)
GIAGONE RONNIE SALVADOR (CA)
ZHOU YANG (CA)
GIAGONE RONNIE SALVADOR (CA)
ZHOU YANG (CA)
Application Number:
PCT/CN2021/128293
Publication Date:
May 19, 2022
Filing Date:
November 03, 2021
Export Citation:
Assignee:
HUAWEI TECH CO LTD (CN)
International Classes:
G06F21/56
Foreign References:
US20180293381A1 | 2018-10-11 | |||
US9942264B1 | 2018-04-10 | |||
EP2189920A2 | 2010-05-26 | |||
US20190199736A1 | 2019-06-27 | |||
US10303875B1 | 2019-05-28 |
Download PDF: