Skip to Content
Find More Like This
Return to Search

Detection of malicious computer executables

United States Patent

April 14, 2009
View the Complete Patent at the US Patent & Trademark Office
Los Alamos National Laboratory - Visit the Technology Transfer Division Website
A method of detecting malicious binary executable files is accomplished by inputting a binary executable file; converting the binary executable file to byte hexadecimal text strings; calculating the frequency of each byte pattern in the byte hexadecimal text strings; selecting characteristic byte pattern frequencies as discriminating features; classifying the discriminating features as malicious or benign; labeling the binary executable file as malicious or benign; and outputting the labeled malicious or benign binary executable file.
Cai; Dongming M. (Los Alamos, NM), Gokhale; Maya (Los Alamos, NM)
Los Alamos National Security, LLC (Los Alamos, NM)
10/ 900,697
July 28, 2004
The present invention generally relates to computer protection, and, more specifically to anti-virus protection for computers that has a high detection rate and a very low false-positive alarm rate. This invention was made with Government support under Contract No. W-7405-ENG-36 awarded by the U.S. Department of Energy. The Government has certain rights in the invention.