METHODS AND SYSTEMS FOR MALWARE ANALYSIS USING A GENETIC ALGORITHM GRAPH EXPLAINER

Abstract: a method for malware analysis comprising: disassembling executable code to create disassembled instructions; extracting instruction blocks from the disassembled instructions; encoding the instruction blocks to create encoded instruction blocks and generating a first data graph, wherein the first data graph comprises nodes, each node from the first data graph being associated with an encoded instruction block; determining for each node an embedding of the encoded instruction block to create a canonical executable graph; classifying the canonical executable graph into either a benign family or a malicious family; and determining that the executable code is a malware when the canonical executable graph belongs to a malicious family.

Inventor(s): Benjamin Chin Ming FUNG, Mohd SAQIB

CPC Classification: G06F21/562 ({Static detection})

Search for rejections for patent application number 20250165600