
Title: Integrating multiple data sources for malware classification

Disclosed herein are representative embodiments of tools and techniques for classifying programs. According to one exemplary technique, at least one graph representation of at least one dynamic data source of at least one program is generated. Also, at least one graph representation of at least one static data source of the at least one program is generated. Additionally, at least using the at least one graph representation of the at least one dynamic data source and the at least one graph representation of the at least one static data source, the at least one program is classified.
Inventors:
; ;
Issue Date:
OSTI Identifier:
1178661
Assignee:
Los Alamos National Security, LLC (Los Alamos, NM) LANL
Patent Number(s):
9,021,589
Application Number:
13/909,985
Contract Number:
AC52-06NA25396
Resource Relation:
Patent File Date: 2013 Jun 04
Research Org:
Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Works referenced in this record:

Polymorphic Worm Detection Using Structural Information of Executables
book, January 2006
  • Kruegel, Christopher; Kirda, Engin; Mutz, Darren
  • Recent Advances in Intrusion Detection, p. 207-226
  • DOI: 10.1007/11663812_11