skip to main content

SciTech ConnectSciTech Connect

Title: Statistical fingerprinting for malware detection and classification

A system detects malware in a computing architecture with an unknown pedigree. The system includes a first computing device having a known pedigree and operating free of malware. The first computing device executes a series of instrumented functions that, when executed, provide a statistical baseline that is representative of the time it takes the software application to run on a computing device having a known pedigree. A second computing device executes a second series of instrumented functions that, when executed, provides an actual time that is representative of the time the known software application runs on the second computing device. The system detects malware when there is a difference in execution times between the first and the second computing devices.
Authors:
;
Publication Date:
OSTI Identifier:
1214592
Report Number(s):
9,135,440
13/955,784
DOE Contract Number:
AC05-00OR22725
Resource Type:
Patent
Resource Relation:
Patent File Date: 2013 Jul 31
Research Org:
Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING