CN107211011A - 用于恶意代码检测的系统及方法 - Google Patents

用于恶意代码检测的系统及方法 Download PDF

Info

Publication number
CN107211011A
CN107211011A CN201580074473.9A CN201580074473A CN107211011A CN 107211011 A CN107211011 A CN 107211011A CN 201580074473 A CN201580074473 A CN 201580074473A CN 107211011 A CN107211011 A CN 107211011A
Authority
CN
China
Prior art keywords
data
network connectivity
malicious
levy
gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201580074473.9A
Other languages
English (en)
Chinese (zh)
Inventor
罗伊·喀特莫尔
汤默尔·比东
尤的·雅沃
伊多·凯乐荪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fortinet Inc
Original Assignee
Encillo Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Encillo Ltd filed Critical Encillo Ltd
Publication of CN107211011A publication Critical patent/CN107211011A/zh
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Business, Economics & Management (AREA)
  • Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
CN201580074473.9A 2014-11-25 2015-11-24 用于恶意代码检测的系统及方法 Pending CN107211011A (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201462083985P 2014-11-25 2014-11-25
US62/083,985 2014-11-25
US201562147040P 2015-04-14 2015-04-14
US62/147,040 2015-04-14
PCT/IL2015/051136 WO2016084073A1 (en) 2014-11-25 2015-11-24 Systems and methods for malicious code detection

Publications (1)

Publication Number Publication Date
CN107211011A true CN107211011A (zh) 2017-09-26

Family

ID=54979890

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201580074473.9A Pending CN107211011A (zh) 2014-11-25 2015-11-24 用于恶意代码检测的系统及方法
CN201580074497.4A Active CN107251513B (zh) 2014-11-25 2015-11-24 用于恶意代码检测的准确保证的系统及方法

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201580074497.4A Active CN107251513B (zh) 2014-11-25 2015-11-24 用于恶意代码检测的准确保证的系统及方法

Country Status (9)

Country Link
US (3) US9954980B2 (https=)
EP (2) EP3225009B1 (https=)
JP (2) JP6334069B2 (https=)
CN (2) CN107211011A (https=)
CA (2) CA2968201C (https=)
HK (1) HK1244125B (https=)
IL (2) IL252501B (https=)
SG (2) SG11201704059RA (https=)
WO (2) WO2016084073A1 (https=)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110532768A (zh) * 2019-08-21 2019-12-03 东软医疗系统股份有限公司 系统安全加固方法及装置
CN111814909A (zh) * 2020-08-06 2020-10-23 蔡淦祺 基于网络直播和在线电商带货的信息处理方法及云服务器
TWI747093B (zh) * 2019-12-03 2021-11-21 中華電信股份有限公司 驗證惡意加密連線的方法及系統

Families Citing this family (105)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9495395B2 (en) 2013-04-11 2016-11-15 Oracle International Corporation Predictive diagnosis of SLA violations in cloud services by seasonal trending and forecasting with thread intensity analytics
JP6334069B2 (ja) 2014-11-25 2018-05-30 エンサイロ リミテッドenSilo Ltd. 悪意のあるコードの検出の精度保証のためのシステムおよび方法
US20160225652A1 (en) 2015-02-03 2016-08-04 Applied Materials, Inc. Low temperature chuck for plasma processing systems
US10594731B2 (en) * 2016-03-24 2020-03-17 Snowflake Inc. Systems, methods, and devices for securely managing network connections
EP3440818B1 (en) * 2016-04-06 2022-06-22 Karamba Security Reporting and processing controller security information
WO2017175157A1 (en) * 2016-04-06 2017-10-12 Karamba Security Secure controller operation and malware prevention
US10467123B2 (en) 2016-05-09 2019-11-05 Oracle International Corporation Compression techniques for encoding stack trace information
US10348755B1 (en) * 2016-06-30 2019-07-09 Symantec Corporation Systems and methods for detecting network security deficiencies on endpoint devices
CN106101130B (zh) * 2016-07-08 2019-05-17 北京易华录信息技术股份有限公司 一种网络恶意数据检测方法、装置及系统
JP2018019207A (ja) * 2016-07-27 2018-02-01 富士ゼロックス株式会社 連携管理装置及び通信システム
RU2634174C1 (ru) * 2016-10-10 2017-10-24 Акционерное общество "Лаборатория Касперского" Система и способ выполнения банковской транзакции
US10778722B2 (en) * 2016-11-08 2020-09-15 Massachusetts Institute Of Technology Dynamic flow system
US10169576B2 (en) 2016-11-15 2019-01-01 International Business Machines Corporation Malware collusion detection
US10298605B2 (en) * 2016-11-16 2019-05-21 Red Hat, Inc. Multi-tenant cloud security threat detection
TWI617940B (zh) * 2016-12-01 2018-03-11 財團法人資訊工業策進會 資料保護方法與資料保護系統
US10325108B2 (en) * 2016-12-30 2019-06-18 Intel Corporation Method and apparatus for range based checkpoints in a storage device
CN106790292A (zh) * 2017-03-13 2017-05-31 摩贝(上海)生物科技有限公司 基于行为特征匹配和分析的web应用层攻击检测与防御方法
CN108664519B (zh) * 2017-04-01 2021-03-30 北京京东尚科信息技术有限公司 业务规则管理的方法、装置、电子设备和存储介质
TWI648650B (zh) * 2017-07-20 2019-01-21 Chunghwa Telecom Co., Ltd. 閘道裝置、其惡意網域與受駭主機的偵測方法及非暫態電腦可讀取媒體
US11102219B2 (en) * 2017-08-24 2021-08-24 At&T Intellectual Property I, L.P. Systems and methods for dynamic analysis and resolution of network anomalies
TWI650671B (zh) * 2017-10-17 2019-02-11 中華電信股份有限公司 惡意程式分析方法及裝置
US10990975B2 (en) 2017-11-08 2021-04-27 Paypal, Inc. Detecting malware by monitoring client-side memory stacks
US11017084B2 (en) * 2017-11-21 2021-05-25 International Business Machines Corporation Detection of malicious code fragments via data-flow isolation
US12058160B1 (en) 2017-11-22 2024-08-06 Lacework, Inc. Generating computer code for remediating detected events
US11973784B1 (en) 2017-11-27 2024-04-30 Lacework, Inc. Natural language interface for an anomaly detection framework
US11785104B2 (en) 2017-11-27 2023-10-10 Lacework, Inc. Learning from similar cloud deployments
US10425437B1 (en) 2017-11-27 2019-09-24 Lacework Inc. Extended user session tracking
US11818156B1 (en) 2017-11-27 2023-11-14 Lacework, Inc. Data lake-enabled security platform
US12095796B1 (en) 2017-11-27 2024-09-17 Lacework, Inc. Instruction-level threat assessment
US12463996B1 (en) 2017-11-27 2025-11-04 Fortinet, Inc. Risk engine that utilizes key performance indicators
US12401669B1 (en) 2017-11-27 2025-08-26 Fortinet, Inc. Container vulnerability management by a data platform
US12355626B1 (en) 2017-11-27 2025-07-08 Fortinet, Inc. Tracking infrastructure as code (IaC) asset lifecycles
US11741238B2 (en) 2017-11-27 2023-08-29 Lacework, Inc. Dynamically generating monitoring tools for software applications
US12457231B1 (en) 2017-11-27 2025-10-28 Fortinet, Inc. Initiating and utilizing pedigree for content
US12549577B1 (en) 2017-11-27 2026-02-10 Fortinet, Inc. Tracking and relating discovered security issues over time
US11792284B1 (en) 2017-11-27 2023-10-17 Lacework, Inc. Using data transformations for monitoring a cloud compute environment
US11765249B2 (en) 2017-11-27 2023-09-19 Lacework, Inc. Facilitating developer efficiency and application quality
US12284197B1 (en) 2017-11-27 2025-04-22 Fortinet, Inc. Reducing amounts of data ingested into a data warehouse
US12580932B1 (en) 2017-11-27 2026-03-17 Fortinet, Inc. Customer onboarding and integration with anomaly detection systems
US12452272B1 (en) 2017-11-27 2025-10-21 Fortinet, Inc. Reducing resource consumption spikes in an anomaly detection framework
US12511110B1 (en) 2017-11-27 2025-12-30 Fortinet, Inc. Development and distribution of components for an anomaly detection framework
US12580935B1 (en) 2017-11-27 2026-03-17 Fortinet, Inc. Scoring of events in an edge-based data platform
US20220232024A1 (en) 2017-11-27 2022-07-21 Lacework, Inc. Detecting deviations from typical user behavior
US20220224707A1 (en) 2017-11-27 2022-07-14 Lacework, Inc. Establishing a location profile for a user device
US11894984B2 (en) 2017-11-27 2024-02-06 Lacework, Inc. Configuring cloud deployments based on learnings obtained by monitoring other cloud deployments
US12261866B1 (en) 2017-11-27 2025-03-25 Fortinet, Inc. Time series anomaly detection
US12309236B1 (en) 2017-11-27 2025-05-20 Fortinet, Inc. Analyzing log data from multiple sources across computing environments
US12368745B1 (en) 2017-11-27 2025-07-22 Fortinet, Inc. Using natural language queries to conduct an investigation of a monitored system
US12563064B2 (en) 2017-11-27 2026-02-24 Fortinet, Inc. Distinguishing user-initiated activity from application-initiated activity
US12407701B1 (en) 2017-11-27 2025-09-02 Fortinet, Inc. Community-based generation of policies for a data platform
US12126643B1 (en) 2017-11-27 2024-10-22 Fortinet, Inc. Leveraging generative artificial intelligence (‘AI’) for securing a monitored deployment
US12489771B1 (en) 2017-11-27 2025-12-02 Fortinet, Inc. Detecting anomalous behavior of nodes in a hierarchical cloud deployment
US12598205B1 (en) 2017-11-27 2026-04-07 Fortinet, Inc. Browser-based detection of data exfiltration
US12381901B1 (en) 2017-11-27 2025-08-05 Fortinet, Inc. Unified storage for event streams in an anomaly detection framework
US12034754B2 (en) 2017-11-27 2024-07-09 Lacework, Inc. Using static analysis for vulnerability detection
US12407702B1 (en) 2017-11-27 2025-09-02 Fortinet, Inc. Gathering and presenting information related to common vulnerabilities and exposures
US12355793B1 (en) 2017-11-27 2025-07-08 Fortinet, Inc. Guided interactions with a natural language interface
US12613930B1 (en) 2017-11-27 2026-04-28 Fortinet, Inc. Ensuring exactly once data ingestion
US12537836B1 (en) 2017-11-27 2026-01-27 Fortinet, Inc. Risk scoring based on entity correlation
US12309185B1 (en) 2017-11-27 2025-05-20 Fortinet, Inc. Architecture for a generative artificial intelligence (AI)-enabled assistant
US12463995B1 (en) 2017-11-27 2025-11-04 Fortinet, Inc. Tiered risk engine with user cohorts
US12267345B1 (en) 2017-11-27 2025-04-01 Fortinet, Inc. Using user feedback for attack path analysis in an anomaly detection framework
US11770398B1 (en) 2017-11-27 2023-09-26 Lacework, Inc. Guided anomaly detection framework
US12348545B1 (en) 2017-11-27 2025-07-01 Fortinet, Inc. Customizable generative artificial intelligence (‘AI’) assistant
US12323449B1 (en) 2017-11-27 2025-06-03 Fortinet, Inc. Code analysis feedback loop for code created using generative artificial intelligence (‘AI’)
US12463994B1 (en) 2017-11-27 2025-11-04 Fortinet, Inc. Handling of certificates by intermediate actors
US12309182B1 (en) 2017-11-27 2025-05-20 Fortinet, Inc. Customer onboarding and integration with anomaly detection systems
US12130878B1 (en) 2017-11-27 2024-10-29 Fortinet, Inc. Deduplication of monitored communications data in a cloud environment
US11979422B1 (en) 2017-11-27 2024-05-07 Lacework, Inc. Elastic privileges in a secure access service edge
US12526297B2 (en) 2017-11-27 2026-01-13 Fortinet, Inc. Annotating changes in software across computing environments
US12549575B1 (en) 2017-11-27 2026-02-10 Fortinet, Inc. Determining user risk based on user posture and activity
US11849000B2 (en) 2017-11-27 2023-12-19 Lacework, Inc. Using real-time monitoring to inform static analysis
US20220232025A1 (en) 2017-11-27 2022-07-21 Lacework, Inc. Detecting anomalous behavior of a device
US12563071B1 (en) 2017-11-27 2026-02-24 Fortinet, Inc. Using generative artificial intelligence to interface with a knowledge graph
US12418555B1 (en) 2017-11-27 2025-09-16 Fortinet Inc. Guiding query creation for a generative artificial intelligence (AI)-enabled assistant
US12335348B1 (en) 2017-11-27 2025-06-17 Fortinet, Inc. Optimizing data warehouse utilization by a data ingestion pipeline
US12495052B1 (en) 2017-11-27 2025-12-09 Fortinet, Inc. Detecting package execution for threat assessments
US12556559B1 (en) 2018-03-30 2026-02-17 Fortinet, Inc. Providing generative artificial intelligence (AI)-enabled notebook interfaces for a security framework
CN108846287A (zh) * 2018-06-26 2018-11-20 北京奇安信科技有限公司 一种检测漏洞攻击的方法及装置
US20190347408A1 (en) * 2018-05-11 2019-11-14 Npx Usa, Inc. Process identifier transition monitoring and assessment
US10997289B2 (en) * 2018-05-21 2021-05-04 International Business Machines Corporation Identifying malicious executing code of an enclave
GB201810294D0 (en) 2018-06-22 2018-08-08 Senseon Tech Ltd Cybe defence system
GB2602254B (en) 2020-12-15 2023-04-05 Senseon Tech Ltd Network traffic monitoring
US11438357B2 (en) 2018-06-22 2022-09-06 Senseon Tech Ltd Endpoint network sensor and related cybersecurity infrastructure
GB201812171D0 (en) 2018-07-26 2018-09-12 Senseon Tech Ltd Cyber defence system
CN110020530B (zh) * 2018-12-24 2023-07-04 中国银联股份有限公司 用于确定应用程序在运行时的安全性的方法及其装置
US11108790B1 (en) * 2019-04-30 2021-08-31 Rapid7, Inc. Attack signature generation
US11538038B2 (en) * 2019-05-31 2022-12-27 Paypal, Inc. Systems and methods for remote detection of computer device attributes
US11178178B2 (en) 2019-07-29 2021-11-16 Material Security Inc. Secure communications service for intercepting suspicious messages and performing backchannel verification thereon
US11463443B2 (en) 2019-09-19 2022-10-04 Bank Of America Corporation Real-time management of access controls
GB201915265D0 (en) 2019-10-22 2019-12-04 Senseon Tech Ltd Anomaly detection
CA3100468A1 (en) * 2019-11-21 2021-05-21 Royal Bank Of Canada System and method for detecting phishing events
US11256759B1 (en) 2019-12-23 2022-02-22 Lacework Inc. Hierarchical graph analysis
US11201955B1 (en) 2019-12-23 2021-12-14 Lacework Inc. Agent networking in a containerized environment
US11627113B2 (en) * 2020-04-01 2023-04-11 The Westem Union Company Network-based authentication rule cleaning and optimization
US11146472B1 (en) 2020-07-21 2021-10-12 Bank Of America Corporation Artificial intelligence-based lateral movement identification tool
CN114257386B (zh) * 2020-09-10 2023-03-21 华为技术有限公司 检测模型的训练方法、系统、设备及存储介质
US11641366B2 (en) 2021-01-11 2023-05-02 Bank Of America Corporation Centralized tool for identifying and blocking malicious communications transmitted within a network
US11386197B1 (en) 2021-01-11 2022-07-12 Bank Of America Corporation System and method for securing a network against malicious communications through peer-based cooperation
US11989188B2 (en) 2021-08-25 2024-05-21 Bank Of America Corporation Aggregating access to third party data sources and intelligently managing access through request quotas
US20230099241A1 (en) * 2021-09-27 2023-03-30 Bank Of America Corporation Systems and methods for identifying malicious events using deviations in user activity for enhanced network and data security
SE2151287A1 (en) * 2021-10-21 2023-04-22 Assa Abloy Ab Transmitting data for detecting suspicious activity by an electronic device
US12335303B2 (en) * 2023-01-03 2025-06-17 Bank Of America Corporation System and method for detecting and countering malicious code
GB2626375B (en) * 2023-01-23 2026-03-18 Withsecure Corp An arrangement and a method of threat detection in a computing device or a computer network
US12437060B2 (en) 2023-10-12 2025-10-07 International Business Machines Corporation Using hierarchical reinforcement learning (HRL) to identify application programming interfaces (API) vulnerabilities

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101068142A (zh) * 2006-05-05 2007-11-07 美国博通公司 一种通信架构及其内的中间路由节点和方法
CN101207475A (zh) * 2006-12-15 2008-06-25 友劲科技股份有限公司 一种网络系统的防止非授权连结方法
CN101472221A (zh) * 2007-12-26 2009-07-01 通用汽车公司 处理无线发送到交通工具的电子消息
CN101594269A (zh) * 2009-06-29 2009-12-02 成都市华为赛门铁克科技有限公司 一种异常连接的检测方法、装置及网关设备
US8032940B1 (en) * 2006-10-25 2011-10-04 Chaperon, LLC Method and system for generating and employing a secure integrated development environment
US20110271343A1 (en) * 2010-04-28 2011-11-03 Electronics And Telecommunications Research Institute Apparatus, system and method for detecting malicious code
CN102932329A (zh) * 2012-09-26 2013-02-13 北京奇虎科技有限公司 一种对程序的行为进行拦截的方法、装置和客户端设备
CN103281301A (zh) * 2013-04-28 2013-09-04 上海海事大学 云安全恶意程序判断系统及方法
CN103428212A (zh) * 2013-08-08 2013-12-04 电子科技大学 一种恶意代码检测及防御的方法
CN103812852A (zh) * 2012-11-12 2014-05-21 株式会社OPTiM 用户终端、未授权网站信息管理服务器及相应方法和程序

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002061510A2 (en) 2001-01-31 2002-08-08 Lancope, Inc. Network port profiling
US7793346B1 (en) * 2003-01-17 2010-09-07 Mcafee, Inc. System, method, and computer program product for preventing trojan communication
US7287281B1 (en) * 2003-06-17 2007-10-23 Symantec Corporation Send blocking system and method
GB0426176D0 (en) * 2004-11-29 2004-12-29 Tang Bob Immediate ready implementation of virtually congestion free guaranteed service capable network
JP4091528B2 (ja) 2003-11-20 2008-05-28 日本電信電話株式会社 不正アクセス対処ルール生成方法,不正アクセス対処方法,不正アクセス対処ルール生成装置,不正アクセス対処装置およびスタックスマッシング攻撃対策システム
JP2006053788A (ja) * 2004-08-12 2006-02-23 Ntt Docomo Inc ソフトウェア動作監視装置及びソフトウェア動作監視方法
US7756932B2 (en) * 2005-07-29 2010-07-13 Research In Motion Limited System and method for processing messages being composed by a user
KR100843701B1 (ko) 2006-11-07 2008-07-04 소프트캠프(주) 콜 스택에 기록된 정보를 이용한 에이피아이 확인방법
CN101206467B (zh) * 2006-12-22 2010-09-29 南京理工大学 通用数控代码解析方法
US8931086B2 (en) 2008-09-26 2015-01-06 Symantec Corporation Method and apparatus for reducing false positive detection of malware
US20100293618A1 (en) 2009-05-12 2010-11-18 Microsoft Corporation Runtime analysis of software privacy issues
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US9189363B2 (en) 2010-10-07 2015-11-17 Mcafee, Inc. System, method, and computer program product for monitoring an execution flow of a function
EP2715599B1 (en) * 2011-05-31 2019-07-03 EntIT Software LLC Application security testing
US8893278B1 (en) 2011-07-12 2014-11-18 Trustwave Holdings, Inc. Detecting malware communication on an infected computing device
CN102360408A (zh) * 2011-09-28 2012-02-22 国家计算机网络与信息安全管理中心 恶意代码的检测方法及其系统
US8984331B2 (en) 2012-09-06 2015-03-17 Triumfant, Inc. Systems and methods for automated memory and thread execution anomaly detection in a computer network
CN103716284B (zh) * 2012-09-29 2016-12-21 清华大学 网络协议自动化逆向分析方法
US9355247B1 (en) * 2013-03-13 2016-05-31 Fireeye, Inc. File extraction from memory dump for malicious content analysis
GB201306628D0 (en) 2013-04-11 2013-05-29 F Secure Oyj Detecting and marking client devices
JP6334069B2 (ja) 2014-11-25 2018-05-30 エンサイロ リミテッドenSilo Ltd. 悪意のあるコードの検出の精度保証のためのシステムおよび方法

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101068142A (zh) * 2006-05-05 2007-11-07 美国博通公司 一种通信架构及其内的中间路由节点和方法
US8032940B1 (en) * 2006-10-25 2011-10-04 Chaperon, LLC Method and system for generating and employing a secure integrated development environment
CN101207475A (zh) * 2006-12-15 2008-06-25 友劲科技股份有限公司 一种网络系统的防止非授权连结方法
CN101472221A (zh) * 2007-12-26 2009-07-01 通用汽车公司 处理无线发送到交通工具的电子消息
CN101594269A (zh) * 2009-06-29 2009-12-02 成都市华为赛门铁克科技有限公司 一种异常连接的检测方法、装置及网关设备
US20110271343A1 (en) * 2010-04-28 2011-11-03 Electronics And Telecommunications Research Institute Apparatus, system and method for detecting malicious code
CN102932329A (zh) * 2012-09-26 2013-02-13 北京奇虎科技有限公司 一种对程序的行为进行拦截的方法、装置和客户端设备
CN103812852A (zh) * 2012-11-12 2014-05-21 株式会社OPTiM 用户终端、未授权网站信息管理服务器及相应方法和程序
CN103281301A (zh) * 2013-04-28 2013-09-04 上海海事大学 云安全恶意程序判断系统及方法
CN103428212A (zh) * 2013-08-08 2013-12-04 电子科技大学 一种恶意代码检测及防御的方法

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110532768A (zh) * 2019-08-21 2019-12-03 东软医疗系统股份有限公司 系统安全加固方法及装置
TWI747093B (zh) * 2019-12-03 2021-11-21 中華電信股份有限公司 驗證惡意加密連線的方法及系統
CN111814909A (zh) * 2020-08-06 2020-10-23 蔡淦祺 基于网络直播和在线电商带货的信息处理方法及云服务器

Also Published As

Publication number Publication date
EP3225009A1 (en) 2017-10-04
CN107251513A (zh) 2017-10-13
CA2968201A1 (en) 2016-06-02
EP3225010A1 (en) 2017-10-04
EP3225010B1 (en) 2018-09-26
WO2016084073A1 (en) 2016-06-02
WO2016084076A1 (en) 2016-06-02
SG11201704060RA (en) 2017-06-29
US9954980B2 (en) 2018-04-24
IL252501A0 (en) 2017-07-31
HK1244125B (en) 2019-08-02
CN107251513B (zh) 2020-06-09
IL252500A0 (en) 2017-07-31
JP2017539039A (ja) 2017-12-28
SG11201704059RA (en) 2017-06-29
CA2968327C (en) 2021-04-06
IL252501B (en) 2020-09-30
US20160149937A1 (en) 2016-05-26
IL252500B (en) 2018-07-31
JP6334069B2 (ja) 2018-05-30
US20180241853A1 (en) 2018-08-23
JP6758581B2 (ja) 2020-09-23
US10334083B2 (en) 2019-06-25
US20160149887A1 (en) 2016-05-26
JP2018501591A (ja) 2018-01-18
EP3225009B1 (en) 2024-01-03
US10264104B2 (en) 2019-04-16
CA2968327A1 (en) 2016-06-02
CA2968201C (en) 2021-01-05

Similar Documents

Publication Publication Date Title
EP3225009B1 (en) Systems and methods for malicious code detection
EP3014813B1 (en) Rootkit detection by using hardware resources to detect inconsistencies in network traffic
KR102368170B1 (ko) 멀웨어의 자동화된 런타임 검출
US20170111391A1 (en) Enhanced intrusion prevention system
US20260122103A1 (en) Detecting and mitigating bluetooth based attacks
US12445484B2 (en) Inline ransomware detection via server message block (SMB) traffic
CN108959917A (zh) 一种电子邮件检测的方法、装置、设备及可读存储介质
TWI711939B (zh) 用於惡意程式碼檢測之系統及方法
HK1244367A1 (en) Systems and methods for malicious code detection
HK1244367B (en) Systems and methods for malicious code detection
CN113726799B (zh) 针对应用层攻击的处理方法、装置、系统和设备
Afzulpurkar et al. Outgoing data filtration for detecting spyware on personal computers
CN119544320A (zh) 一种外联行为处理方法、装置、终端设备及存储介质
CN119652798A (zh) 流量检测方法、装置、电子设备及计算机存储介质

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200804

Address after: Sunnyvale, California, USA

Applicant after: Fortinet, Inc.

Address before: Hezria, Israel

Applicant before: ENSILO Ltd.

TA01 Transfer of patent application right
RJ01 Rejection of invention patent application after publication

Application publication date: 20170926

RJ01 Rejection of invention patent application after publication