Malware detection and analysis

Chiang, Ken; Lloyd, Levi; Crussell, Jonathan; Sanders, Benjamin; Erickson, Jeremy Lee; Fritz, David Jakob

Title: Malware detection and analysis

Patent · Tue Mar 22 00:00:00 EDT 2016

OSTI ID:1243304

Chiang, Ken; Lloyd, Levi; Crussell, Jonathan; Sanders, Benjamin; Erickson, Jeremy Lee; Fritz, David Jakob

Embodiments of the invention describe systems and methods for malicious software detection and analysis. A binary executable comprising obfuscated malware on a host device may be received, and incident data indicating a time when the binary executable was received and identifying processes operating on the host device may be recorded. The binary executable is analyzed via a scalable plurality of execution environments, including one or more non-virtual execution environments and one or more virtual execution environments, to generate runtime data and deobfuscation data attributable to the binary executable. At least some of the runtime data and deobfuscation data attributable to the binary executable is stored in a shared database, while at least some of the incident data is stored in a private, non-shared database.

View Patent

Cite

Export

Save

Research Organization:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Sponsoring Organization:: USDOE

DOE Contract Number:: AC04-94AL85000

Assignee:: Sandia Corporation (Albuquerque, NM)

Patent Number(s):: 9,294,486

Application Number:: 14/198,366

OSTI ID:: 1243304

Resource Relation:: Patent File Date: 2014 Mar 05

Country of Publication:: United States

Language:: English

References (6)

Farm: An automated malware analysis environment Van Randwyk, Jamie; Chiang, Ken; Lloyd, Levi 2008 IEEE International Carnahan Conference on Security Technology (ICCST), 2008 42nd Annual IEEE International Carnahan Conference on Security Technology https://doi.org/10.1109/CCST.2008.4751322	conference	October 2008
Aggregating, retrieving, and providing access to document visuals Bebo, Michael; Carr, Merle; Schneider, Melissa https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7181445 US Patent Document 7,181,445	patent	February 2007
Classification of malware using clustering that orders events in accordance with the time of occurance Lee, Tony; Mody, Jigar J.; Lin, Ying https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7809670 US Patent Document 7,809,670	patent	October 2010
System and method for detecting malware in an executable code module according to the code module's exhibited behavior Bodorin, Daniel M.; Marinescu, Adrian https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7913305 US Patent Document 7,913,305	patent	March 2011
Apparatus and methods for remote classification of unknown malware Oliver, Jonathan J. https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8769683 US Patent Document 8,769,683	patent	July 2014
Method and System for Automatic Detection and Analysis of Malware Thomas, Ralph; Ligh, Michael https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20120079596 US Patent Application 13/219208; 20120079596	patent-application	March 2012

Similar Records

Deep PDF parsing to extract features for detecting embedded malware.

Technical Report · Thu Sep 01 00:00:00 EDT 2011 · OSTI ID:1243304

Munson, Miles Arthur; Cross, Jesse S

Malware forensics on mobile devices for DOE-EM applications - 15708

Conference · Wed Jul 01 00:00:00 EDT 2015 · OSTI ID:1243304

De La Rosa, Andrew

Tools for Large-Scale Mobile Malware Analysis

Thesis/Dissertation · Wed Jan 01 00:00:00 EST 2014 · OSTI ID:1243304

Bierma, Michael

Related Subjects

99 GENERAL AND MISCELLANEOUS
97 MATHEMATICS AND COMPUTING

Title: Malware detection and analysis

Citation Formats

References (6)

Similar Records

Related Subjects