SciTech Connect

Title: Malware detection and analysis

Embodiments of the invention describe systems and methods for malicious software detection and analysis. A binary executable comprising obfuscated malware on a host device may be received, and incident data indicating a time when the binary executable was received and identifying processes operating on the host device may be recorded. The binary executable is analyzed via a scalable plurality of execution environments, including one or more non-virtual execution environments and one or more virtual execution environments, to generate runtime data and deobfuscation data attributable to the binary executable. At least some of the runtime data and deobfuscation data attributable to the binary executable is stored in a shared database, while at least some of the incident data is stored in a private, non-shared database.
Authors:
; ; ; ; ;
Publication Date:
OSTI Identifier:
1243304
Report Number(s):
9,294,486
14/198,366
DOE Contract Number:
AC04-94AL85000
Resource Type:
Patent
Resource Relation:
Patent File Date: 2014 Mar 05
Research Org:
Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
99 GENERAL AND MISCELLANEOUS; 97 MATHEMATICS AND COMPUTING