公开(公告)号：US20140123289A1

公开(公告)日：2014-05-01

申请号：US14149471

申请日：2014-01-07

Applicant: QUALCOMM Incorporated

Inventor： Hsu-Chun Hsiao ,  Shuo Deng ,  Babak Salamat ,  Rajarshi Gupta ,  Saumitra Mohan Das

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  G06F21/52 ,  G06F21/552 ,  G06F21/554 ,  G06F21/56 ,  G06F21/566

Abstract: Disclosed is an apparatus and method for a computing device to determine if an application is malware. The computing device may include: a query logger to log the behavior of the application on the computing device to generate a log; a behavior analysis engine to analyze the log from the query logger to generate a behavior vector that characterizes the behavior of the application; and a classifier to classify the behavior vector for the application as benign or malware.

Abstract translation: 公开了一种用于计算设备来确定应用是否是恶意软件的装置和方法。 计算设备可以包括：查询记录器，用于在计算设备上记录应用的行为以生成日志; 行为分析引擎，用于从查询记录器分析日志，以生成表征应用程序行为的行为向量; 以及将应用程序的行为向量分类为良性或恶意软件的分类器。

公开(公告)号：US09973517B2

公开(公告)日：2018-05-15

申请号：US14149471

申请日：2014-01-07

Applicant: QUALCOMM Incorporated

Inventor： Hsu-Chun Hsiao ,  Shuo Deng ,  Babak Salamat ,  Rajarshi Gupta ,  Saumitra Mohan Das

IPC: G06F21/52 ,  H04L29/06 ,  G06F21/56 ,  G06F21/55

CPC classification number: H04L63/1416 ,  G06F21/52 ,  G06F21/552 ,  G06F21/554 ,  G06F21/56 ,  G06F21/566

Abstract: Disclosed is an apparatus and method for a computing device to determine if an application is malware. The computing device may include: a query logger to log the behavior of the application on the computing device to generate a log; a behavior analysis engine to analyze the log from the query logger to generate a behavior vector that characterizes the behavior of the application; and a classifier to classify the behavior vector for the application as benign or malware.