首页>
外国专利>
Detecting malicious software behavior using signature-based static analysis
Detecting malicious software behavior using signature-based static analysis
展开▼
机译:使用基于签名的静态分析检测恶意软件行为
展开▼
页面导航
摘要
著录项
相似文献
摘要
According to an aspect of an embodiment, a method may include determining a set of entity instances in a software program. Each entity instance may correspond to a program entity through which the software program performs an interaction with an external entity that is external to the software program. The method may also include determining an identity of each external entity. Additionally, the method may include determining a set of data-flow predicates and a set of control-flow predicates that are satisfied by the software program. Further, the method may include comparing the set of data-flow predicates and the set of control-flow predicates with a signature library that includes one or more malicious software signatures. The method may further include determining that the software program is malicious in response to the set of data-flow predicates and the set of control-flow predicates matching one or more malicious software signatures.
展开▼