Dropbox, Inc.
Identifying malware based on content item identifiers

Abstract:

Disclosed are systems, methods, and non-transitory computer-readable storage media for identifying malware based on content item identifiers. For example, a system for detecting malware can be made more efficient by reducing the number of content items that are scanned or analyzed for malicious software code or computer instructions. The number of content items that need to be scanned can be reduced by identifying suspicious content items based on tokens (e.g., strings of characters) commonly used by malware in the identifiers of malware related content items and then analyzing the identified suspicious content items for malicious content (e.g., malicious software instructions) using the anti-malware software.