1
Michael Vincent, Ali Mesdaq, Emmanuel Thioux, Abhishek Singh, Sai Vashisht: Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses. FireEye, Rutan & Tucker, William W Schaal, October 27, 2015: US09171160 (54 worldwide citations)

Techniques for malware detection are described herein. According to one aspect, control logic determines an analysis plan for analyzing whether a specimen should be classified as malware, where the analysis plan identifies at least first and second analyses to be performed. Each of the first and sec ...


2
Ali Mesdaq, Paul L Westin III: Fuzzy hash of behavioral results. FireEye, Rutan & Tucker, William W Schaal, March 22, 2016: US09294501 (42 worldwide citations)

A computerized method is described in which a received object is analyzed by a malicious content detection (MCD) system to determine whether the object is malware or non-malware. The analysis may include the generation of a fuzzy hash based on a collection of behaviors for the received object. The f ...


3
Michael Vincent, Ali Mesdaq, Emmanuel Thioux, Abhishek Singh, Sai Vashisht: Malware analysis in accordance with an analysis plan. FireEye, Rutan & Tucker, March 6, 2018: US09910988 (2 worldwide citations)

Techniques for malware detection are described. Herein, a system, which detects malware in a received specimen, comprises a processor and a memory. Communicatively coupled to the processor, the memory comprises a controller that controls analysis of the specimen for malware in accordance with an ana ...


4
Ali Mesdaq, Paul L Westin III: Fuzzy hash of behavioral results. FireEye, Rutan & Tucker, March 6, 2018: US09912691 (2 worldwide citations)

A computerized method for classifying objects in a malware system is described. The method includes detecting behaviors of an object for classification after processing of the object has begun. Data associated with the detected behaviors is collected, and a fuzzy hash for the received object is gene ...


5
Abhishek Singh, Ali Mesdaq, Anirban Das, Varun Jain: Framework for classifying an object as malicious with machine learning for deploying updated predictive models. FireEye, Rutan & Tucker, June 27, 2017: US09690933 (2 worldwide citations)

According to one embodiment, an apparatus comprises a detection engine and a classification engine. The detection engine is responsible for analyzing an object to determine if the object is malicious. The classification engine is configured to (i) receive results of the analysis of the object conduc ...