MALWARE DATA ITEM ANALYSIS
    1.
    Patent application

    Publication number: US20180046801A1

    Publication date: 2018-02-15

    Application number: US15726917

    Filing date: 2017-10-06

    Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically analyze a suspected malware file, or group of files. Automatic analysis of the suspected malware file(s) may include one or more automatic analysis techniques. Automatic analysis may include production and gathering of various items of information related to the suspected malware file(s) including, for example, calculated hashes, file properties, academic analysis information, file execution information, third-party analysis information, and/or the like. The analysis information may be automatically associated with the suspected malware file(s), and a user interface may be generated in which the various analysis information items are presented to a human analyst such that the analyst may quickly and efficiently evaluate the suspected malware file(s). For example, the analyst may quickly determine one or more characteristics of the suspected malware file(s), whether or not the file(s) is malware, and/or a threat level of the file(s).

    Malware data item analysis
    2.
    Granted patent
    Malware data item analysis (status: in force)

    Publication number: US09021260B1

    Publication date: 2015-04-28

    Application number: US14473860

    Filing date: 2014-08-29

    Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically analyze a suspected malware file, or group of files. Automatic analysis of the suspected malware file(s) may include one or more automatic analysis techniques. Automatic analysis may include production and gathering of various items of information related to the suspected malware file(s) including, for example, calculated hashes, file properties, academic analysis information, file execution information, third-party analysis information, and/or the like. The analysis information may be automatically associated with the suspected malware file(s), and a user interface may be generated in which the various analysis information items are presented to a human analyst such that the analyst may quickly and efficiently evaluate the suspected malware file(s). For example, the analyst may quickly determine one or more characteristics of the suspected malware file(s), whether or not the file(s) is malware, and/or a threat level of the file(s).

    Malware data item analysis
    3.
    Granted patent

    Publication number: US09785773B2

    Publication date: 2017-10-10

    Application number: US14668833

    Filing date: 2015-03-25

    Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically analyze a suspected malware file, or group of files. Automatic analysis of the suspected malware file(s) may include one or more automatic analysis techniques. Automatic analysis may include production and gathering of various items of information related to the suspected malware file(s) including, for example, calculated hashes, file properties, academic analysis information, file execution information, third-party analysis information, and/or the like. The analysis information may be automatically associated with the suspected malware file(s), and a user interface may be generated in which the various analysis information items are presented to a human analyst such that the analyst may quickly and efficiently evaluate the suspected malware file(s). For example, the analyst may quickly determine one or more characteristics of the suspected malware file(s), whether or not the file(s) is malware, and/or a threat level of the file(s).

    MALWARE DATA ITEM ANALYSIS
    4.
    Patent application
    MALWARE DATA ITEM ANALYSIS (status: in force)

    Publication number: US20160004864A1

    Publication date: 2016-01-07

    Application number: US14668833

    Filing date: 2015-03-25

    Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically analyze a suspected malware file, or group of files. Automatic analysis of the suspected malware file(s) may include one or more automatic analysis techniques. Automatic analysis may include production and gathering of various items of information related to the suspected malware file(s) including, for example, calculated hashes, file properties, academic analysis information, file execution information, third-party analysis information, and/or the like. The analysis information may be automatically associated with the suspected malware file(s), and a user interface may be generated in which the various analysis information items are presented to a human analyst such that the analyst may quickly and efficiently evaluate the suspected malware file(s). For example, the analyst may quickly determine one or more characteristics of the suspected malware file(s), whether or not the file(s) is malware, and/or a threat level of the file(s).
