08069484 is referenced by 99 patents and cites 4 patents.

Systems and methods for performing malware detection for determining suspicious data based on data entropy are provided. The method includes acquiring a block of data, calculating an entropy value for the block of data, comparing the entropy value to a threshold value, and recording the block of data as suspicious when the entropy value exceeds the threshold value. An administrator may then investigate suspicious data.

Title
System and method for determining data entropy to identify malware
Application Number
11/657541
Publication Number
8069484 (B2)
Application Date
January 25, 2007
Publication Date
November 29, 2011
Inventor
Jason Garman
Leesburg
VA, US
Chad McMillan
Alexandria
VA, US
Agent
SNR Denton US
Assignee
Mandiant Corporation
VA, US
IPC
G06F 11/00
View Original Source