Title:
SYSTEMS, METHODS, AND DEVICES FOR EXECUTABLE FILE CLASSIFICATION
Document Type and Number:
WIPO Patent Application WO/2023/168302
Kind Code:
A3
Abstract:
Methods according to the embodiments herein may include generating, by a computer system using a decompiler, assembly code from a binary file. The methods may comprise identifying, by the computer system using one or more heuristics, one or more functions in the assembly code. The methods may comprise identifying, by the computer system, one or more code blocks within the one or more functions in the assembly code. The methods may comprise determining, by the computer system, one or more execution paths through the one or more code blocks. The methods may comprise generating, by the computer system, one or more sentences representing execution paths through the one or more code blocks, wherein generating the one or more sentences comprises performing one or more random walks through one or more execution paths.
Inventors:
MAIMON TAL (IL)
SHLOMO ROY BEN (IL)
SHLOMO ROY BEN (IL)
Application Number:
PCT/US2023/063529
Publication Date:
November 16, 2023
Filing Date:
March 01, 2023
Export Citation:
Assignee:
SENTINEL LABS ISRAEL LTD (IL)
SENTINEL LABS INC (US)
SENTINEL LABS INC (US)
International Classes:
G06F18/24; G06F21/55; G06F21/56; G06F21/57; G06N3/04; G06N3/02; G06N3/08; G06N5/02; G06N20/00
Foreign References:
| CN113434858A | 2021-09-24 | |||
| US20220050895A1 | 2022-02-17 | |||
| CN113297584A | 2021-08-24 |
Other References:
DAI JIANYONG, GUHA RATAN, LEE JOOHAN: "Efficient Virus Detection Using Dynamic Instruction Sequences", JOURNAL OF COMPUTERS, ACADEMY PUBLISHER, FI, vol. 4, no. 5, 1 May 2009 (2009-05-01), FI , XP093112685, ISSN: 1796-203X, DOI: 10.4304/jcp.4.5.405-414
Attorney, Agent or Firm:
ALTMAN, Daniel, E. (US)
Download PDF:
Previous Patent: HOME CARE COMPOSITIONS COMPRISING MICROBIALLY PRODUCED OIL AND DERIVATIVES THEREOF
Next Patent: MICRO-BRIDGE DESIGN OF A SENSOR DEVICE
Next Patent: MICRO-BRIDGE DESIGN OF A SENSOR DEVICE