-
公开(公告)号:US09185119B1
公开(公告)日:2015-11-10
申请号:US14273503
申请日:2014-05-08
Applicant: Symantec Corporation
Inventor: Acar Tamersoy , Kevin A. Roundy , Daniel Marino
CPC classification number: H04L63/20 , G06F17/30103 , G06F17/30115 , H04L63/14
Abstract: The disclosed computer-implemented method for detecting malware using file clustering may include (1) identifying a file with an unknown reputation, (2) identifying at least one file with a known reputation that co-occurs with the unknown file, (3) identifying a malware classification assigned to the known file, (4) determining a probability that the unknown file is of the same classification as the known file, and (5) assigning, based on the probability that the unknown file is of the same classification as the known file, the classification of the known file to the unknown file. Various other methods, systems, and computer-readable media are also disclosed.
Abstract translation: 用于使用文件聚类来检测恶意软件的公开的计算机实现的方法可以包括(1)识别具有未知信誉的文件,(2)识别具有与未知文件共存的已知信誉的至少一个文件,(3)识别 分配给已知文件的恶意软件分类,(4)确定未知文件与已知文件具有相同分类的概率,以及(5)基于未知文件与 已知文件,将已知文件分类到未知文件。 还公开了各种其它方法,系统和计算机可读介质。
-
公开(公告)号:US10025937B1
公开(公告)日:2018-07-17
申请号:US14752619
申请日:2015-06-26
Applicant: Symantec Corporation
Inventor: Anand Kashyap , Kevin A. Roundy , Sandeep Bhatkar , Aleatha Parker-Wood , Christopher Gates , Yin Liu , Leylya Yumer
Abstract: Techniques are disclosed for dynamically managing hardening policies in a client computer (e.g., of an enterprise network). A hardening management application monitors activity on the client computer that is associated with a first hardening policy. The monitored activity is evaluated based on one or more metrics. Upon determining that at least one of the metrics is outside of a tolerance specified in the first hardening policy, the client computer is associated with a second hardening policy. The client computer is reconfigured based on the second hardening policy.
-
Search Results
2
records
(took 0.013 seconds)
