基本信息:
- 专利标题: JUST IN TIME MEMORY ANALYSIS FOR MALWARE DETECTION
- 申请号:PCT/US2018/055694 申请日:2018-10-12
- 公开(公告)号:WO2019075388A1 公开(公告)日:2019-04-18
- 发明人: DAS, Soumyadipta , DUBROVSKY, Alex , KORSUNSKY, Igor
- 申请人: SONICWALL INC.
- 申请人地址: 1033 McCarthy Blvd. Milpitas, CA 95035 US
- 专利权人: SONICWALL INC.
- 当前专利权人: SONICWALL INC.
- 当前专利权人地址: 1033 McCarthy Blvd. Milpitas, CA 95035 US
- 代理机构: RAPP, Robert, J. et al.
- 优先权: US15/783,793 20171013
- 主分类号: G06F11/30
- IPC分类号: G06F11/30
摘要:
Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.