System and method for advanced malware analysis

Authors: Kenneth Maclean, Calvin H. Smith, Jason J. Liu, Stephen Mann, Wendy Mann

DOI:

Keywords:

Abstract: A system and a method for advanced malware analysis. The system filters incoming messages, including their attachments, against a watch-list; if a message matches, it is forwarded to a detection engine, which strips the attachments from the forwarded message, identifies one or more executable files, launches a plurality of sandboxes, and executes each file in the sandboxes, generating analysis results that may be used to determine whether the file is malicious. The results are normalized and a risk level is evaluated from the normalized results; if an attachment scores above a certain level, it is determined to be malicious and the message is permanently quarantined.
