Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.

Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.

Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.

Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.

Abstract: Embodiments of the invention provide a method, system, and media for determining search results based on a query. One embodiment of the method includes receiving an initial query, inspecting an initial set of query-related information that is associated with the query, which is the fruit of analyzing aggregated user-interaction data, which includes information related to how users have previously interacted with former search results that were presented in response to the query. This information includes prior metadata associated with the former search results. Embodiments further include presenting an initial set of search results based on the initial set of query-related information, gathering current user-interaction data, and updating the initial set of query-related information based on the current user-interaction data. In this way, an embodiment of the invention helps, among other things, map a semantic meaning of a query to results that bring about a satisfying user experience.

Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.

Abstract: Embodiments of the invention provide a method, system, and media for determining search results based on a query. One embodiment of the method includes receiving an initial query, inspecting an initial set of query-related information that is associated with the query, which is the fruit of analyzing aggregated user-interaction data, which includes information related to how users have previously interacted with former search results that were presented in response to the query. This information includes prior metadata associated with the former search results. Embodiments further include presenting an initial set of search results based on the initial set of query-related information, gathering current user-interaction data, and updating the initial set of query-related information based on the current user-interaction data. In this way, an embodiment of the invention helps, among other things, map a semantic meaning of a query to results that bring about a satisfying user experience.

Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.

Abstract: A method is provided for tracking user-interaction with an interactive web application associated with a web page. The method includes providing one or more modified HTML elements for use with the web page. The default behavior of the HTML elements is modified to include a call to a tracking server. The interactive web application associated with the web page includes at least one of the modified HTML elements. User interaction information is then sent to the tracking server according to the call in the modified HTML elements.

Abstract: The present invention is directed to a method and system for automatically classifying an application into an application group which is previously classified in a knowledge base. More specifically, a runtime behavior of an application is captured as a series of events which are monitored and recorded during the execution of the application. The series of events are analyzed to find a proper application group which shares common runtime behavior patterns with the application. The knowledge base of application groups is previously constructed based on a large number of sample applications. The construction of the knowledge base is done in such a manner that each sample application can be classified into application groups based on a set of classification rules in the knowledge base. The set of classification rules are applied to a new application in order to classify the new application into one of the application groups.