
Method for Malware Detection and Classification using Image Processing Techniques

Technology Advantages

98% classification accuracy (matching state-of-the-art methods), but with improved performance:
  o Lower computational cost for malware analysis
  o Faster response to threats
  o Resilience to popular obfuscation techniques such as section encryption
  o Neither disassembly nor code execution needed for classification

Technology Applications

  o Malware Detection
  o Anti-Virus Software

This technology is available for licensing.

Detailed Technology Description

Researchers at the University of California, Santa Barbara have developed SARVAM, a novel method for visualizing and classifying malware using image processing techniques, applicable to malware detection and anti-virus software. Initial experiments show that this technique has a classification accuracy of 98%, which is on par with the state of the art. However, this method avoids many of the drawbacks of current methods and thus exhibits improved performance. In particular, this technology has a lower computational cost for malware analysis, has a faster response to threats, is resilient to popular obfuscation techniques such as section encryption, and does not require disassembly or code execution for classification.

Abstract

A novel method for visualizing and classifying malware using image processing techniques, applicable to malware detection and anti-virus software.

Principal Investigators

  o Gregoire Jacob
  o Bangalore Manjunath
  o Lakshman Nataraj
  o Giovanni Vigna

Other Information

An online demo of SARVAM is available at this link: http://sarvam.ece.ucsb.edu/


Background

Existing approaches for analyzing malware include static code analysis (which looks at the structure of the code) and dynamic code analysis (which runs the code in a virtual environment), both of which have specific strengths. However, static analysis suffers from code obfuscation due to the need to unpack and decrypt the code, while dynamic analysis may overlook malicious behavior due to an inadequate virtual environment. Both approaches are computationally heavy and time intensive.


Tech ID/UC Case

21993/2012-085-0


Related Cases

2012-085-0

Country/Region

United States
