CA2968201C - Systems and methods for malicious code detection - Google Patents

Systems and methods for malicious code detection Download PDF

Info

Publication number
CA2968201C
CA2968201C CA2968201A CA2968201A CA2968201C CA 2968201 C CA2968201 C CA 2968201C CA 2968201 A CA2968201 A CA 2968201A CA 2968201 A CA2968201 A CA 2968201A CA 2968201 C CA2968201 C CA 2968201C
Authority
CA
Canada
Prior art keywords
network connection
data
malicious
communication
gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CA2968201A
Other languages
English (en)
French (fr)
Other versions
CA2968201A1 (en
Inventor
Roy Katmor
Tomer Bitton
Udi Yavo
Ido Kelson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fortinet Inc
Original Assignee
Fortinet Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fortinet Inc filed Critical Fortinet Inc
Publication of CA2968201A1 publication Critical patent/CA2968201A1/en
Application granted granted Critical
Publication of CA2968201C publication Critical patent/CA2968201C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Business, Economics & Management (AREA)
  • Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
CA2968201A 2014-11-25 2015-11-24 Systems and methods for malicious code detection Active CA2968201C (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201462083985P 2014-11-25 2014-11-25
US62/083,985 2014-11-25
US201562147040P 2015-04-14 2015-04-14
US62/147,040 2015-04-14
PCT/IL2015/051136 WO2016084073A1 (en) 2014-11-25 2015-11-24 Systems and methods for malicious code detection

Publications (2)

Publication Number Publication Date
CA2968201A1 CA2968201A1 (en) 2016-06-02
CA2968201C true CA2968201C (en) 2021-01-05

Family

ID=54979890

Family Applications (2)

Application Number Title Priority Date Filing Date
CA2968201A Active CA2968201C (en) 2014-11-25 2015-11-24 Systems and methods for malicious code detection
CA2968327A Active CA2968327C (en) 2014-11-25 2015-11-24 Systems and methods for malicious code detection accuracy assurance

Family Applications After (1)

Application Number Title Priority Date Filing Date
CA2968327A Active CA2968327C (en) 2014-11-25 2015-11-24 Systems and methods for malicious code detection accuracy assurance

Country Status (9)

Country Link
US (3) US9954980B2 (enExample)
EP (2) EP3225010B1 (enExample)
JP (2) JP6334069B2 (enExample)
CN (2) CN107251513B (enExample)
CA (2) CA2968201C (enExample)
HK (1) HK1244125B (enExample)
IL (2) IL252500B (enExample)
SG (2) SG11201704060RA (enExample)
WO (2) WO2016084073A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20240250962A1 (en) * 2023-01-23 2024-07-25 WithSecure Corporation Arrangement and a method of threat detection in a computing device or a computer network

Families Citing this family (95)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9330119B2 (en) 2013-04-11 2016-05-03 Oracle International Corporation Knowledge intensive data management system for business process and case management
CN107251513B (zh) 2014-11-25 2020-06-09 恩西洛有限公司 用于恶意代码检测的准确保证的系统及方法
US20160225652A1 (en) 2015-02-03 2016-08-04 Applied Materials, Inc. Low temperature chuck for plasma processing systems
US10594731B2 (en) * 2016-03-24 2020-03-17 Snowflake Inc. Systems, methods, and devices for securely managing network connections
EP3440821B1 (en) * 2016-04-06 2022-08-24 Karamba Security Secure controller operation and malware prevention
WO2017175158A1 (en) * 2016-04-06 2017-10-12 Karamba Security Reporting and processing controller security information
US10417111B2 (en) * 2016-05-09 2019-09-17 Oracle International Corporation Correlation of stack segment intensity in emergent relationships
US10348755B1 (en) * 2016-06-30 2019-07-09 Symantec Corporation Systems and methods for detecting network security deficiencies on endpoint devices
CN106101130B (zh) * 2016-07-08 2019-05-17 北京易华录信息技术股份有限公司 一种网络恶意数据检测方法、装置及系统
JP2018019207A (ja) * 2016-07-27 2018-02-01 富士ゼロックス株式会社 連携管理装置及び通信システム
RU2634174C1 (ru) * 2016-10-10 2017-10-24 Акционерное общество "Лаборатория Касперского" Система и способ выполнения банковской транзакции
US10778722B2 (en) * 2016-11-08 2020-09-15 Massachusetts Institute Of Technology Dynamic flow system
US10169576B2 (en) * 2016-11-15 2019-01-01 International Business Machines Corporation Malware collusion detection
US10298605B2 (en) * 2016-11-16 2019-05-21 Red Hat, Inc. Multi-tenant cloud security threat detection
TWI617940B (zh) * 2016-12-01 2018-03-11 財團法人資訊工業策進會 資料保護方法與資料保護系統
US10325108B2 (en) * 2016-12-30 2019-06-18 Intel Corporation Method and apparatus for range based checkpoints in a storage device
CN106790292A (zh) * 2017-03-13 2017-05-31 摩贝(上海)生物科技有限公司 基于行为特征匹配和分析的web应用层攻击检测与防御方法
CN108664519B (zh) * 2017-04-01 2021-03-30 北京京东尚科信息技术有限公司 业务规则管理的方法、装置、电子设备和存储介质
TWI648650B (zh) * 2017-07-20 2019-01-21 Chunghwa Telecom Co., Ltd. 閘道裝置、其惡意網域與受駭主機的偵測方法及非暫態電腦可讀取媒體
US11102219B2 (en) * 2017-08-24 2021-08-24 At&T Intellectual Property I, L.P. Systems and methods for dynamic analysis and resolution of network anomalies
TWI650671B (zh) * 2017-10-17 2019-02-11 中華電信股份有限公司 惡意程式分析方法及裝置
US10990975B2 (en) 2017-11-08 2021-04-27 Paypal, Inc. Detecting malware by monitoring client-side memory stacks
US11017084B2 (en) * 2017-11-21 2021-05-25 International Business Machines Corporation Detection of malicious code fragments via data-flow isolation
US11785104B2 (en) 2017-11-27 2023-10-10 Lacework, Inc. Learning from similar cloud deployments
US12058160B1 (en) 2017-11-22 2024-08-06 Lacework, Inc. Generating computer code for remediating detected events
US11973784B1 (en) 2017-11-27 2024-04-30 Lacework, Inc. Natural language interface for an anomaly detection framework
US12323449B1 (en) 2017-11-27 2025-06-03 Fortinet, Inc. Code analysis feedback loop for code created using generative artificial intelligence (‘AI’)
US12130878B1 (en) 2017-11-27 2024-10-29 Fortinet, Inc. Deduplication of monitored communications data in a cloud environment
US20220224707A1 (en) 2017-11-27 2022-07-14 Lacework, Inc. Establishing a location profile for a user device
US12495052B1 (en) 2017-11-27 2025-12-09 Fortinet, Inc. Detecting package execution for threat assessments
US12309185B1 (en) 2017-11-27 2025-05-20 Fortinet, Inc. Architecture for a generative artificial intelligence (AI)-enabled assistant
US12095796B1 (en) 2017-11-27 2024-09-17 Lacework, Inc. Instruction-level threat assessment
US12368745B1 (en) 2017-11-27 2025-07-22 Fortinet, Inc. Using natural language queries to conduct an investigation of a monitored system
US12355793B1 (en) 2017-11-27 2025-07-08 Fortinet, Inc. Guided interactions with a natural language interface
US10614071B1 (en) 2017-11-27 2020-04-07 Lacework Inc. Extensible query interface for dynamic data compositions and filter applications
US12335348B1 (en) 2017-11-27 2025-06-17 Fortinet, Inc. Optimizing data warehouse utilization by a data ingestion pipeline
US11894984B2 (en) 2017-11-27 2024-02-06 Lacework, Inc. Configuring cloud deployments based on learnings obtained by monitoring other cloud deployments
US11770398B1 (en) 2017-11-27 2023-09-26 Lacework, Inc. Guided anomaly detection framework
US12407702B1 (en) 2017-11-27 2025-09-02 Fortinet, Inc. Gathering and presenting information related to common vulnerabilities and exposures
US12381901B1 (en) 2017-11-27 2025-08-05 Fortinet, Inc. Unified storage for event streams in an anomaly detection framework
US12284197B1 (en) 2017-11-27 2025-04-22 Fortinet, Inc. Reducing amounts of data ingested into a data warehouse
US11792284B1 (en) 2017-11-27 2023-10-17 Lacework, Inc. Using data transformations for monitoring a cloud compute environment
US11849000B2 (en) 2017-11-27 2023-12-19 Lacework, Inc. Using real-time monitoring to inform static analysis
US12452272B1 (en) 2017-11-27 2025-10-21 Fortinet, Inc. Reducing resource consumption spikes in an anomaly detection framework
US12401669B1 (en) 2017-11-27 2025-08-26 Fortinet, Inc. Container vulnerability management by a data platform
US11741238B2 (en) 2017-11-27 2023-08-29 Lacework, Inc. Dynamically generating monitoring tools for software applications
US12489771B1 (en) 2017-11-27 2025-12-02 Fortinet, Inc. Detecting anomalous behavior of nodes in a hierarchical cloud deployment
US11765249B2 (en) 2017-11-27 2023-09-19 Lacework, Inc. Facilitating developer efficiency and application quality
US12309182B1 (en) 2017-11-27 2025-05-20 Fortinet, Inc. Customer onboarding and integration with anomaly detection systems
US12457231B1 (en) 2017-11-27 2025-10-28 Fortinet, Inc. Initiating and utilizing pedigree for content
US12463996B1 (en) 2017-11-27 2025-11-04 Fortinet, Inc. Risk engine that utilizes key performance indicators
US20220232025A1 (en) 2017-11-27 2022-07-21 Lacework, Inc. Detecting anomalous behavior of a device
US12348545B1 (en) 2017-11-27 2025-07-01 Fortinet, Inc. Customizable generative artificial intelligence (‘AI’) assistant
US20220232024A1 (en) 2017-11-27 2022-07-21 Lacework, Inc. Detecting deviations from typical user behavior
US12463994B1 (en) 2017-11-27 2025-11-04 Fortinet, Inc. Handling of certificates by intermediate actors
US12463995B1 (en) 2017-11-27 2025-11-04 Fortinet, Inc. Tiered risk engine with user cohorts
US12126643B1 (en) 2017-11-27 2024-10-22 Fortinet, Inc. Leveraging generative artificial intelligence (‘AI’) for securing a monitored deployment
US12034754B2 (en) 2017-11-27 2024-07-09 Lacework, Inc. Using static analysis for vulnerability detection
US12407701B1 (en) 2017-11-27 2025-09-02 Fortinet, Inc. Community-based generation of policies for a data platform
US11818156B1 (en) 2017-11-27 2023-11-14 Lacework, Inc. Data lake-enabled security platform
US12418555B1 (en) 2017-11-27 2025-09-16 Fortinet Inc. Guiding query creation for a generative artificial intelligence (AI)-enabled assistant
US12267345B1 (en) 2017-11-27 2025-04-01 Fortinet, Inc. Using user feedback for attack path analysis in an anomaly detection framework
US12261866B1 (en) 2017-11-27 2025-03-25 Fortinet, Inc. Time series anomaly detection
US12309236B1 (en) 2017-11-27 2025-05-20 Fortinet, Inc. Analyzing log data from multiple sources across computing environments
US12355626B1 (en) 2017-11-27 2025-07-08 Fortinet, Inc. Tracking infrastructure as code (IaC) asset lifecycles
US11979422B1 (en) 2017-11-27 2024-05-07 Lacework, Inc. Elastic privileges in a secure access service edge
CN108846287A (zh) * 2018-06-26 2018-11-20 北京奇安信科技有限公司 一种检测漏洞攻击的方法及装置
US20190347408A1 (en) * 2018-05-11 2019-11-14 Npx Usa, Inc. Process identifier transition monitoring and assessment
US10997289B2 (en) * 2018-05-21 2021-05-04 International Business Machines Corporation Identifying malicious executing code of an enclave
US11438357B2 (en) 2018-06-22 2022-09-06 Senseon Tech Ltd Endpoint network sensor and related cybersecurity infrastructure
GB201810294D0 (en) 2018-06-22 2018-08-08 Senseon Tech Ltd Cybe defence system
GB2602254B (en) 2020-12-15 2023-04-05 Senseon Tech Ltd Network traffic monitoring
GB201812171D0 (en) 2018-07-26 2018-09-12 Senseon Tech Ltd Cyber defence system
CN110020530B (zh) * 2018-12-24 2023-07-04 中国银联股份有限公司 用于确定应用程序在运行时的安全性的方法及其装置
US11108790B1 (en) * 2019-04-30 2021-08-31 Rapid7, Inc. Attack signature generation
US11538038B2 (en) * 2019-05-31 2022-12-27 Paypal, Inc. Systems and methods for remote detection of computer device attributes
US11178178B2 (en) 2019-07-29 2021-11-16 Material Security Inc. Secure communications service for intercepting suspicious messages and performing backchannel verification thereon
CN110532768A (zh) * 2019-08-21 2019-12-03 东软医疗系统股份有限公司 系统安全加固方法及装置
US11463443B2 (en) 2019-09-19 2022-10-04 Bank Of America Corporation Real-time management of access controls
GB201915265D0 (en) 2019-10-22 2019-12-04 Senseon Tech Ltd Anomaly detection
US11722520B2 (en) * 2019-11-21 2023-08-08 Royal Bank Of Canada System and method for detecting phishing events
TWI747093B (zh) * 2019-12-03 2021-11-21 中華電信股份有限公司 驗證惡意加密連線的方法及系統
US11256759B1 (en) 2019-12-23 2022-02-22 Lacework Inc. Hierarchical graph analysis
US11201955B1 (en) 2019-12-23 2021-12-14 Lacework Inc. Agent networking in a containerized environment
US11627113B2 (en) 2020-04-01 2023-04-11 The Westem Union Company Network-based authentication rule cleaning and optimization
US11146472B1 (en) 2020-07-21 2021-10-12 Bank Of America Corporation Artificial intelligence-based lateral movement identification tool
CN112488246A (zh) * 2020-08-06 2021-03-12 蔡淦祺 一种基于网络直播和在线电商带货的信息处理方法及系统
CN114257386B (zh) * 2020-09-10 2023-03-21 华为技术有限公司 检测模型的训练方法、系统、设备及存储介质
US11641366B2 (en) 2021-01-11 2023-05-02 Bank Of America Corporation Centralized tool for identifying and blocking malicious communications transmitted within a network
US11386197B1 (en) 2021-01-11 2022-07-12 Bank Of America Corporation System and method for securing a network against malicious communications through peer-based cooperation
US11989188B2 (en) 2021-08-25 2024-05-21 Bank Of America Corporation Aggregating access to third party data sources and intelligently managing access through request quotas
US20230099241A1 (en) * 2021-09-27 2023-03-30 Bank Of America Corporation Systems and methods for identifying malicious events using deviations in user activity for enhanced network and data security
SE2151287A1 (en) * 2021-10-21 2023-04-22 Assa Abloy Ab Transmitting data for detecting suspicious activity by an electronic device
US12335303B2 (en) * 2023-01-03 2025-06-17 Bank Of America Corporation System and method for detecting and countering malicious code
US12437060B2 (en) 2023-10-12 2025-10-07 International Business Machines Corporation Using hierarchical reinforcement learning (HRL) to identify application programming interfaces (API) vulnerabilities

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2002242043B2 (en) 2001-01-31 2006-12-14 Cisco Technology, Inc. Network port profiling
US7793346B1 (en) 2003-01-17 2010-09-07 Mcafee, Inc. System, method, and computer program product for preventing trojan communication
US7287281B1 (en) * 2003-06-17 2007-10-23 Symantec Corporation Send blocking system and method
GB0426176D0 (en) * 2004-11-29 2004-12-29 Tang Bob Immediate ready implementation of virtually congestion free guaranteed service capable network
JP4091528B2 (ja) 2003-11-20 2008-05-28 日本電信電話株式会社 不正アクセス対処ルール生成方法,不正アクセス対処方法,不正アクセス対処ルール生成装置,不正アクセス対処装置およびスタックスマッシング攻撃対策システム
JP2006053788A (ja) * 2004-08-12 2006-02-23 Ntt Docomo Inc ソフトウェア動作監視装置及びソフトウェア動作監視方法
US7756932B2 (en) * 2005-07-29 2010-07-13 Research In Motion Limited System and method for processing messages being composed by a user
US7948977B2 (en) * 2006-05-05 2011-05-24 Broadcom Corporation Packet routing with payload analysis, encapsulation and service module vectoring
US8032940B1 (en) * 2006-10-25 2011-10-04 Chaperon, LLC Method and system for generating and employing a secure integrated development environment
KR100843701B1 (ko) 2006-11-07 2008-07-04 소프트캠프(주) 콜 스택에 기록된 정보를 이용한 에이피아이 확인방법
CN101207475B (zh) * 2006-12-15 2010-05-26 友劲科技股份有限公司 一种网络系统的防止非授权连结方法
CN101206467B (zh) * 2006-12-22 2010-09-29 南京理工大学 通用数控代码解析方法
US9392452B2 (en) * 2007-12-26 2016-07-12 General Motors Llc Processing electronic messages wirelessly sent to a vehicle
US8931086B2 (en) 2008-09-26 2015-01-06 Symantec Corporation Method and apparatus for reducing false positive detection of malware
US20100293618A1 (en) 2009-05-12 2010-11-18 Microsoft Corporation Runtime analysis of software privacy issues
CN101594269B (zh) * 2009-06-29 2012-05-02 成都市华为赛门铁克科技有限公司 一种异常连接的检测方法、装置及网关设备
KR101122650B1 (ko) * 2010-04-28 2012-03-09 한국전자통신연구원 정상 프로세스에 위장 삽입된 악성코드 탐지 장치, 시스템 및 방법
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US9189363B2 (en) 2010-10-07 2015-11-17 Mcafee, Inc. System, method, and computer program product for monitoring an execution flow of a function
US9215247B2 (en) * 2011-05-31 2015-12-15 Hewlett Packard Enterprise Development Lp Application security testing
US8893278B1 (en) 2011-07-12 2014-11-18 Trustwave Holdings, Inc. Detecting malware communication on an infected computing device
CN102360408A (zh) * 2011-09-28 2012-02-22 国家计算机网络与信息安全管理中心 恶意代码的检测方法及其系统
US8984331B2 (en) 2012-09-06 2015-03-17 Triumfant, Inc. Systems and methods for automated memory and thread execution anomaly detection in a computer network
CN102932329B (zh) * 2012-09-26 2016-03-30 北京奇虎科技有限公司 一种对程序的行为进行拦截的方法、装置和客户端设备
CN103716284B (zh) * 2012-09-29 2016-12-21 清华大学 网络协议自动化逆向分析方法
JP5727991B2 (ja) * 2012-11-12 2015-06-03 株式会社オプティム ユーザ端末、不正サイト情報管理サーバ、不正リクエスト遮断方法、及び不正リクエスト遮断プログラム
US9355247B1 (en) * 2013-03-13 2016-05-31 Fireeye, Inc. File extraction from memory dump for malicious content analysis
GB201306628D0 (en) 2013-04-11 2013-05-29 F Secure Oyj Detecting and marking client devices
CN103281301B (zh) * 2013-04-28 2017-02-08 上海海事大学 云安全恶意程序判断系统及方法
CN103428212A (zh) * 2013-08-08 2013-12-04 电子科技大学 一种恶意代码检测及防御的方法
CN107251513B (zh) 2014-11-25 2020-06-09 恩西洛有限公司 用于恶意代码检测的准确保证的系统及方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20240250962A1 (en) * 2023-01-23 2024-07-25 WithSecure Corporation Arrangement and a method of threat detection in a computing device or a computer network

Also Published As

Publication number Publication date
JP6334069B2 (ja) 2018-05-30
CN107211011A (zh) 2017-09-26
JP6758581B2 (ja) 2020-09-23
IL252501B (en) 2020-09-30
US20160149937A1 (en) 2016-05-26
HK1244125B (en) 2019-08-02
CA2968201A1 (en) 2016-06-02
US10264104B2 (en) 2019-04-16
CA2968327A1 (en) 2016-06-02
JP2017539039A (ja) 2017-12-28
WO2016084073A1 (en) 2016-06-02
WO2016084076A1 (en) 2016-06-02
EP3225009A1 (en) 2017-10-04
IL252500A0 (en) 2017-07-31
CN107251513B (zh) 2020-06-09
CN107251513A (zh) 2017-10-13
JP2018501591A (ja) 2018-01-18
US20160149887A1 (en) 2016-05-26
IL252501A0 (en) 2017-07-31
US20180241853A1 (en) 2018-08-23
IL252500B (en) 2018-07-31
EP3225009B1 (en) 2024-01-03
EP3225010A1 (en) 2017-10-04
CA2968327C (en) 2021-04-06
SG11201704060RA (en) 2017-06-29
US9954980B2 (en) 2018-04-24
SG11201704059RA (en) 2017-06-29
US10334083B2 (en) 2019-06-25
EP3225010B1 (en) 2018-09-26

Similar Documents

Publication Publication Date Title
CA2968201C (en) Systems and methods for malicious code detection
US11310264B2 (en) Using reputation to avoid false malware detections
EP3014813B1 (en) Rootkit detection by using hardware resources to detect inconsistencies in network traffic
US20180359272A1 (en) Next-generation enhanced comprehensive cybersecurity platform with endpoint protection and centralized management
US9325725B2 (en) Automated deployment of protection agents to devices connected to a distributed computer network
Inayat et al. Cloud-based intrusion detection and response system: open research issues, and solutions
US9916443B1 (en) Detecting an attempt to exploit a memory allocation vulnerability
HK1244125A1 (en) Systems and methods for malicious code detection accuracy assurance
CN106888196A (zh) 一种未知威胁检测的协同防御系统
US20170111391A1 (en) Enhanced intrusion prevention system
US11909761B2 (en) Mitigating malware impact by utilizing sandbox insights
US20220417255A1 (en) Managed detection and response system and method based on endpoints
US20250365311A1 (en) Inline ransomware detection via server message block (smb) traffic
CN105791323A (zh) 新型未知恶意软件的防御方法和设备
Yamada et al. RAT-based malicious activities detection on enterprise internal networks
CN113660222A (zh) 基于强制访问控制的态势感知防御方法及系统
TWI711939B (zh) 用於惡意程式碼檢測之系統及方法
US20250047695A1 (en) Advanced threat prevention
HK1244367A1 (en) Systems and methods for malicious code detection
HK1244367B (en) Systems and methods for malicious code detection
Afzulpurkar et al. Outgoing data filtration for detecting spyware on personal computers
CN106657102A (zh) 一种基于局域网的威胁处理方法和装置
CN120675802A (zh) 自动化恶意样本检测方法、装置、电子设备及存储介质

Legal Events

Date Code Title Description
EEER Examination request

Effective date: 20200923