CN1318932C - 用于自动确定程序的潜在蠕虫样行为的方法与装置 - Google Patents

用于自动确定程序的潜在蠕虫样行为的方法与装置 Download PDF

Info

Publication number
CN1318932C
CN1318932C CNB038174294A CN03817429A CN1318932C CN 1318932 C CN1318932 C CN 1318932C CN B038174294 A CNB038174294 A CN B038174294A CN 03817429 A CN03817429 A CN 03817429A CN 1318932 C CN1318932 C CN 1318932C
Authority
CN
China
Prior art keywords
program
worm
behavior
network
environment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CNB038174294A
Other languages
English (en)
Chinese (zh)
Other versions
CN1672111A (zh
Inventor
威廉·卡里斯利·阿诺尔德
戴维·迈克尔·切斯
约翰·弗雷德里克·莫拉尔
阿拉·西格尔
伊恩·尼古拉斯·沃利
斯蒂夫·理查德·怀特
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Finn Ltd By Share Ltd
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of CN1672111A publication Critical patent/CN1672111A/zh
Application granted granted Critical
Publication of CN1318932C publication Critical patent/CN1318932C/zh
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)
  • Stored Programmes (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)
  • Investigation Of Foundation Soil And Reinforcement Of Foundation Soil By Compacting Or Drainage (AREA)
CNB038174294A 2002-07-23 2003-07-17 用于自动确定程序的潜在蠕虫样行为的方法与装置 Expired - Lifetime CN1318932C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/202,517 2002-07-23
US10/202,517 US7487543B2 (en) 2002-07-23 2002-07-23 Method and apparatus for the automatic determination of potentially worm-like behavior of a program

Publications (2)

Publication Number Publication Date
CN1672111A CN1672111A (zh) 2005-09-21
CN1318932C true CN1318932C (zh) 2007-05-30

Family

ID=30769844

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB038174294A Expired - Lifetime CN1318932C (zh) 2002-07-23 2003-07-17 用于自动确定程序的潜在蠕虫样行为的方法与装置

Country Status (9)

Country Link
US (2) US7487543B2 (enExample)
EP (1) EP1543396B1 (enExample)
JP (1) JP2005534092A (enExample)
CN (1) CN1318932C (enExample)
AT (1) ATE353452T1 (enExample)
AU (1) AU2003244875A1 (enExample)
DE (1) DE60311666T2 (enExample)
TW (1) TWI225985B (enExample)
WO (1) WO2004010269A2 (enExample)

Families Citing this family (212)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7293290B2 (en) * 2003-02-06 2007-11-06 Symantec Corporation Dynamic detection of computer worms
US7392295B2 (en) * 2004-02-19 2008-06-24 Microsoft Corporation Method and system for collecting information from computer systems based on a trusted relationship
US7584382B2 (en) * 2004-02-19 2009-09-01 Microsoft Corporation Method and system for troubleshooting a misconfiguration of a computer system based on configurations of other computer systems
US7752662B2 (en) * 2004-02-20 2010-07-06 Imperva, Inc. Method and apparatus for high-speed detection and blocking of zero day worm attacks
US9027135B1 (en) 2004-04-01 2015-05-05 Fireeye, Inc. Prospective client identification using malware attack detection
US8566946B1 (en) 2006-04-20 2013-10-22 Fireeye, Inc. Malware containment on connection
US9106694B2 (en) 2004-04-01 2015-08-11 Fireeye, Inc. Electronic message analysis for malware detection
US8528086B1 (en) 2004-04-01 2013-09-03 Fireeye, Inc. System and method of detecting computer worms
US8561177B1 (en) 2004-04-01 2013-10-15 Fireeye, Inc. Systems and methods for detecting communication channels of bots
US8898788B1 (en) 2004-04-01 2014-11-25 Fireeye, Inc. Systems and methods for malware attack prevention
US8204984B1 (en) 2004-04-01 2012-06-19 Fireeye, Inc. Systems and methods for detecting encrypted bot command and control communication channels
US8006305B2 (en) * 2004-06-14 2011-08-23 Fireeye, Inc. Computer worm defense system and method
US8375444B2 (en) 2006-04-20 2013-02-12 Fireeye, Inc. Dynamic signature creation and enforcement
US8793787B2 (en) 2004-04-01 2014-07-29 Fireeye, Inc. Detecting malicious network content using virtual environment components
US8584239B2 (en) 2004-04-01 2013-11-12 Fireeye, Inc. Virtual machine with dynamic data flow analysis
US8171553B2 (en) 2004-04-01 2012-05-01 Fireeye, Inc. Heuristic based capture with replay to virtual machine
US8539582B1 (en) 2004-04-01 2013-09-17 Fireeye, Inc. Malware containment and security analysis on connection
US8549638B2 (en) 2004-06-14 2013-10-01 Fireeye, Inc. System and method of containing computer worms
US7587537B1 (en) 2007-11-30 2009-09-08 Altera Corporation Serializer-deserializer circuits formed from input-output circuit registers
US8881282B1 (en) 2004-04-01 2014-11-04 Fireeye, Inc. Systems and methods for malware attack detection and identification
US20050268112A1 (en) * 2004-05-28 2005-12-01 Microsoft Corporation Managing spyware and unwanted software through auto-start extensibility points
US7814550B2 (en) * 2004-10-26 2010-10-12 The Mitre Corporation System and method to emulate mobile logic in a communication system
US8516583B2 (en) 2005-03-31 2013-08-20 Microsoft Corporation Aggregating the knowledge base of computer systems to proactively protect a computer from malware
GB0513375D0 (en) 2005-06-30 2005-08-03 Retento Ltd Computer security
US8161548B1 (en) 2005-08-15 2012-04-17 Trend Micro, Inc. Malware detection using pattern classification
KR100791290B1 (ko) * 2006-02-10 2008-01-04 삼성전자주식회사 디바이스 간에 악성 어플리케이션의 행위 정보를 사용하는장치 및 방법
US7840958B1 (en) * 2006-02-17 2010-11-23 Trend Micro, Inc. Preventing spyware installation
US8640235B2 (en) * 2006-03-31 2014-01-28 Symantec Corporation Determination of malicious entities
KR20070099200A (ko) * 2006-04-03 2007-10-09 삼성전자주식회사 휴대형 무선 기기의 응용 모듈 접근 제한 장치 및 이를이용한 접근 제한 방법
JP2007334536A (ja) * 2006-06-14 2007-12-27 Securebrain Corp マルウェアの挙動解析システム
FI20060665A0 (fi) * 2006-07-07 2006-07-07 Nokia Corp Poikkeavuuden havaitseminen
US8151352B1 (en) * 2006-07-14 2012-04-03 Bitdefender IPR Managament Ltd. Anti-malware emulation systems and methods
JP2008129707A (ja) * 2006-11-17 2008-06-05 Lac Co Ltd プログラム分析装置、プログラム分析方法、及びプログラム
ES2446944T3 (es) * 2007-04-12 2014-03-10 Core Sdi, Incorporated Sistema, método y medio legible por ordenador para proporcionar pruebas de penetración de red
US7912894B2 (en) * 2007-05-15 2011-03-22 Adams Phillip M Computerized, copy-detection and discrimination apparatus and method
CN101350054B (zh) * 2007-10-15 2011-05-25 北京瑞星信息技术有限公司 计算机有害程序自动防护方法及装置
US8806619B2 (en) * 2007-12-20 2014-08-12 Cybernet Systems Corporation System and methods for detecting software vulnerabilities and malicious code
US8434151B1 (en) * 2008-01-04 2013-04-30 International Business Machines Corporation Detecting malicious software
JP4755658B2 (ja) * 2008-01-30 2011-08-24 日本電信電話株式会社 解析システム、解析方法および解析プログラム
US9779234B2 (en) * 2008-06-18 2017-10-03 Symantec Corporation Software reputation establishment and monitoring system and method
JP5009244B2 (ja) * 2008-07-07 2012-08-22 日本電信電話株式会社 マルウェア検知システム、マルウェア検知方法及びマルウェア検知プログラム
US8997219B2 (en) 2008-11-03 2015-03-31 Fireeye, Inc. Systems and methods for detecting malicious PDF network content
US8850571B2 (en) * 2008-11-03 2014-09-30 Fireeye, Inc. Systems and methods for detecting malicious network content
US8443447B1 (en) * 2009-08-06 2013-05-14 Trend Micro Incorporated Apparatus and method for detecting malware-infected electronic mail
US8161552B1 (en) 2009-09-23 2012-04-17 Trend Micro, Inc. White list creation in behavior monitoring system
US8832829B2 (en) * 2009-09-30 2014-09-09 Fireeye, Inc. Network-based binary file extraction and analysis for malware detection
US8474040B2 (en) * 2010-02-19 2013-06-25 International Business Machines Corporation Environmental imaging
US10210162B1 (en) 2010-03-29 2019-02-19 Carbonite, Inc. Log file management
RU2506638C2 (ru) 2011-06-28 2014-02-10 Закрытое акционерное общество "Лаборатория Касперского" Система и способ аппаратного обнаружения и лечения неизвестного вредоносного программного обеспечения, установленного на персональном компьютере
US9519782B2 (en) 2012-02-24 2016-12-13 Fireeye, Inc. Detecting malicious network content
US9715325B1 (en) 2012-06-21 2017-07-25 Open Text Corporation Activity stream based interaction
US10572665B2 (en) 2012-12-28 2020-02-25 Fireeye, Inc. System and method to create a number of breakpoints in a virtual machine via virtual machine trapping events
US10089582B2 (en) 2013-01-02 2018-10-02 Qualcomm Incorporated Using normalized confidence values for classifying mobile device behaviors
KR20150119895A (ko) * 2013-02-15 2015-10-26 퀄컴 인코포레이티드 다수의 분석기 모델 제공자들을 갖는 이동 디바이스에서의 온-라인 거동 분석 엔진
US8990944B1 (en) 2013-02-23 2015-03-24 Fireeye, Inc. Systems and methods for automatically detecting backdoors
US9159035B1 (en) 2013-02-23 2015-10-13 Fireeye, Inc. Framework for computer application analysis of sensitive information tracking
US9176843B1 (en) 2013-02-23 2015-11-03 Fireeye, Inc. Framework for efficient security coverage of mobile software applications
US9367681B1 (en) 2013-02-23 2016-06-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application
US9195829B1 (en) 2013-02-23 2015-11-24 Fireeye, Inc. User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications
US9824209B1 (en) 2013-02-23 2017-11-21 Fireeye, Inc. Framework for efficient security coverage of mobile software applications that is usable to harden in the field code
US9009823B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications installed on mobile devices
US9009822B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for multi-phase analysis of mobile applications
US9565202B1 (en) 2013-03-13 2017-02-07 Fireeye, Inc. System and method for detecting exfiltration content
US9626509B1 (en) 2013-03-13 2017-04-18 Fireeye, Inc. Malicious content analysis with multi-version application support within single operating environment
US9355247B1 (en) 2013-03-13 2016-05-31 Fireeye, Inc. File extraction from memory dump for malicious content analysis
US9104867B1 (en) 2013-03-13 2015-08-11 Fireeye, Inc. Malicious content analysis using simulated user interaction without user involvement
US9311479B1 (en) 2013-03-14 2016-04-12 Fireeye, Inc. Correlation and consolidation of analytic data for holistic view of a malware attack
US9430646B1 (en) 2013-03-14 2016-08-30 Fireeye, Inc. Distributed systems and methods for automatically detecting unknown bots and botnets
WO2014145805A1 (en) 2013-03-15 2014-09-18 Mandiant, Llc System and method employing structured intelligence to verify and contain threats at endpoints
US9251343B1 (en) 2013-03-15 2016-02-02 Fireeye, Inc. Detecting bootkits resident on compromised computers
US10713358B2 (en) 2013-03-15 2020-07-14 Fireeye, Inc. System and method to extract and utilize disassembly features to classify software intent
US9495180B2 (en) 2013-05-10 2016-11-15 Fireeye, Inc. Optimized resource allocation for virtual machines within a malware content detection system
US9635039B1 (en) 2013-05-13 2017-04-25 Fireeye, Inc. Classifying sets of malicious indicators for detecting command and control communications associated with malware
US9536091B2 (en) 2013-06-24 2017-01-03 Fireeye, Inc. System and method for detecting time-bomb malware
US10133863B2 (en) 2013-06-24 2018-11-20 Fireeye, Inc. Zero-day discovery system
US9888016B1 (en) 2013-06-28 2018-02-06 Fireeye, Inc. System and method for detecting phishing using password prediction
US9300686B2 (en) 2013-06-28 2016-03-29 Fireeye, Inc. System and method for detecting malicious links in electronic messages
US9628507B2 (en) 2013-09-30 2017-04-18 Fireeye, Inc. Advanced persistent threat (APT) detection center
US10515214B1 (en) 2013-09-30 2019-12-24 Fireeye, Inc. System and method for classifying malware within content created during analysis of a specimen
US10089461B1 (en) 2013-09-30 2018-10-02 Fireeye, Inc. Page replacement code injection
US9294501B2 (en) 2013-09-30 2016-03-22 Fireeye, Inc. Fuzzy hash of behavioral results
US9690936B1 (en) 2013-09-30 2017-06-27 Fireeye, Inc. Multistage system and method for analyzing obfuscated content for malware
US10192052B1 (en) 2013-09-30 2019-01-29 Fireeye, Inc. System, apparatus and method for classifying a file as malicious using static scanning
US9171160B2 (en) 2013-09-30 2015-10-27 Fireeye, Inc. Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses
US9736179B2 (en) 2013-09-30 2017-08-15 Fireeye, Inc. System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection
US9921978B1 (en) 2013-11-08 2018-03-20 Fireeye, Inc. System and method for enhanced security of storage devices
US9189627B1 (en) 2013-11-21 2015-11-17 Fireeye, Inc. System, apparatus and method for conducting on-the-fly decryption of encrypted objects for malware detection
US9747446B1 (en) 2013-12-26 2017-08-29 Fireeye, Inc. System and method for run-time object classification
US9756074B2 (en) 2013-12-26 2017-09-05 Fireeye, Inc. System and method for IPS and VM-based detection of suspicious objects
US9292686B2 (en) 2014-01-16 2016-03-22 Fireeye, Inc. Micro-virtualization architecture for threat-aware microvisor deployment in a node of a network environment
CN103793597B (zh) * 2014-01-16 2017-02-22 同济大学 基于完备主干子系统的模型相似度度量方法
US9262635B2 (en) 2014-02-05 2016-02-16 Fireeye, Inc. Detection efficacy of virtual machine-based analysis with application specific events
US9241010B1 (en) 2014-03-20 2016-01-19 Fireeye, Inc. System and method for network behavior detection
US10242185B1 (en) 2014-03-21 2019-03-26 Fireeye, Inc. Dynamic guest image creation and rollback
US9591015B1 (en) 2014-03-28 2017-03-07 Fireeye, Inc. System and method for offloading packet processing and static analysis operations
US9223972B1 (en) 2014-03-31 2015-12-29 Fireeye, Inc. Dynamically remote tuning of a malware content detection system
US9432389B1 (en) 2014-03-31 2016-08-30 Fireeye, Inc. System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object
US9594912B1 (en) 2014-06-06 2017-03-14 Fireeye, Inc. Return-oriented programming detection
US9438623B1 (en) 2014-06-06 2016-09-06 Fireeye, Inc. Computer exploit detection using heap spray pattern matching
US9973531B1 (en) 2014-06-06 2018-05-15 Fireeye, Inc. Shellcode detection
WO2015194438A1 (ja) * 2014-06-17 2015-12-23 日本電信電話株式会社 情報処理システム、制御方法及び制御プログラム
US10686759B2 (en) 2014-06-22 2020-06-16 Webroot, Inc. Network threat prediction and blocking
US10084813B2 (en) 2014-06-24 2018-09-25 Fireeye, Inc. Intrusion prevention and remedy system
US9398028B1 (en) 2014-06-26 2016-07-19 Fireeye, Inc. System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers
US10805340B1 (en) 2014-06-26 2020-10-13 Fireeye, Inc. Infection vector and malware tracking with an interactive user display
US10002252B2 (en) 2014-07-01 2018-06-19 Fireeye, Inc. Verification of trusted threat-aware microvisor
US9363280B1 (en) 2014-08-22 2016-06-07 Fireeye, Inc. System and method of detecting delivery of malware using cross-customer data
US10671726B1 (en) 2014-09-22 2020-06-02 Fireeye Inc. System and method for malware analysis using thread-level event monitoring
US10027689B1 (en) 2014-09-29 2018-07-17 Fireeye, Inc. Interactive infection visualization for improved exploit detection and signature generation for malware and malware families
US9773112B1 (en) 2014-09-29 2017-09-26 Fireeye, Inc. Exploit detection of malware and malware families
US9690933B1 (en) 2014-12-22 2017-06-27 Fireeye, Inc. Framework for classifying an object as malicious with machine learning for deploying updated predictive models
US10075455B2 (en) 2014-12-26 2018-09-11 Fireeye, Inc. Zero-day rotating guest image profile
US9934376B1 (en) 2014-12-29 2018-04-03 Fireeye, Inc. Malware detection appliance architecture
US9838417B1 (en) 2014-12-30 2017-12-05 Fireeye, Inc. Intelligent context aware user interaction for malware detection
US10148693B2 (en) 2015-03-25 2018-12-04 Fireeye, Inc. Exploit detection system
US9690606B1 (en) 2015-03-25 2017-06-27 Fireeye, Inc. Selective system call monitoring
US9438613B1 (en) 2015-03-30 2016-09-06 Fireeye, Inc. Dynamic content activation for automated analysis of embedded objects
US10474813B1 (en) 2015-03-31 2019-11-12 Fireeye, Inc. Code injection technique for remediation at an endpoint of a network
US9483644B1 (en) 2015-03-31 2016-11-01 Fireeye, Inc. Methods for detecting file altering malware in VM based analysis
US10417031B2 (en) 2015-03-31 2019-09-17 Fireeye, Inc. Selective virtualization for security threat detection
US9654485B1 (en) 2015-04-13 2017-05-16 Fireeye, Inc. Analytics-based security monitoring system and method
US9594904B1 (en) 2015-04-23 2017-03-14 Fireeye, Inc. Detecting malware based on reflection
US10395133B1 (en) 2015-05-08 2019-08-27 Open Text Corporation Image box filtering for optical character recognition
US10599844B2 (en) 2015-05-12 2020-03-24 Webroot, Inc. Automatic threat detection of executable files based on static data analysis
US10454950B1 (en) 2015-06-30 2019-10-22 Fireeye, Inc. Centralized aggregation technique for detecting lateral movement of stealthy cyber-attacks
US10642753B1 (en) 2015-06-30 2020-05-05 Fireeye, Inc. System and method for protecting a software component running in virtual machine using a virtualization layer
US10289686B1 (en) 2015-06-30 2019-05-14 Open Text Corporation Method and system for using dynamic content types
US10726127B1 (en) 2015-06-30 2020-07-28 Fireeye, Inc. System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer
US11113086B1 (en) 2015-06-30 2021-09-07 Fireeye, Inc. Virtual system and method for securing external network connectivity
US10715542B1 (en) 2015-08-14 2020-07-14 Fireeye, Inc. Mobile application risk analysis
US10176321B2 (en) 2015-09-22 2019-01-08 Fireeye, Inc. Leveraging behavior-based rules for malware family classification
US10033747B1 (en) 2015-09-29 2018-07-24 Fireeye, Inc. System and method for detecting interpreter-based exploit attacks
US9825976B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Detection and classification of exploit kits
US9825989B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Cyber attack early warning system
US10601865B1 (en) 2015-09-30 2020-03-24 Fireeye, Inc. Detection of credential spearphishing attacks using email analysis
US10210329B1 (en) 2015-09-30 2019-02-19 Fireeye, Inc. Method to detect application execution hijacking using memory protection
US10817606B1 (en) 2015-09-30 2020-10-27 Fireeye, Inc. Detecting delayed activation malware using a run-time monitoring agent and time-dilation logic
US10706149B1 (en) 2015-09-30 2020-07-07 Fireeye, Inc. Detecting delayed activation malware using a primary controller and plural time controllers
US10284575B2 (en) 2015-11-10 2019-05-07 Fireeye, Inc. Launcher for setting analysis environment variations for malware detection
US10846117B1 (en) 2015-12-10 2020-11-24 Fireeye, Inc. Technique for establishing secure communication between host and guest processes of a virtualization architecture
US10447728B1 (en) 2015-12-10 2019-10-15 Fireeye, Inc. Technique for protecting guest processes using a layered virtualization architecture
US10108446B1 (en) 2015-12-11 2018-10-23 Fireeye, Inc. Late load technique for deploying a virtualization layer underneath a running operating system
US10621338B1 (en) 2015-12-30 2020-04-14 Fireeye, Inc. Method to detect forgery and exploits using last branch recording registers
US10565378B1 (en) 2015-12-30 2020-02-18 Fireeye, Inc. Exploit of privilege detection framework
US10133866B1 (en) 2015-12-30 2018-11-20 Fireeye, Inc. System and method for triggering analysis of an object for malware in response to modification of that object
US10050998B1 (en) 2015-12-30 2018-08-14 Fireeye, Inc. Malicious message analysis system
US9824216B1 (en) 2015-12-31 2017-11-21 Fireeye, Inc. Susceptible environment detection system
US11552986B1 (en) 2015-12-31 2023-01-10 Fireeye Security Holdings Us Llc Cyber-security framework for application of virtual features
US10581874B1 (en) 2015-12-31 2020-03-03 Fireeye, Inc. Malware detection system with contextual analysis
US10785255B1 (en) 2016-03-25 2020-09-22 Fireeye, Inc. Cluster configuration within a scalable malware detection system
US10601863B1 (en) 2016-03-25 2020-03-24 Fireeye, Inc. System and method for managing sensor enrollment
US10476906B1 (en) 2016-03-25 2019-11-12 Fireeye, Inc. System and method for managing formation and modification of a cluster within a malware detection system
US10671721B1 (en) 2016-03-25 2020-06-02 Fireeye, Inc. Timeout management services
US10826933B1 (en) 2016-03-31 2020-11-03 Fireeye, Inc. Technique for verifying exploit/malware at malware detection appliance through correlation with endpoints
US10893059B1 (en) 2016-03-31 2021-01-12 Fireeye, Inc. Verification and enhancement using detection systems located at the network periphery and endpoint devices
US10169585B1 (en) 2016-06-22 2019-01-01 Fireeye, Inc. System and methods for advanced malware detection through placement of transition events
US10462173B1 (en) 2016-06-30 2019-10-29 Fireeye, Inc. Malware detection verification and enhancement by coordinating endpoint and malware detection systems
US10592678B1 (en) 2016-09-09 2020-03-17 Fireeye, Inc. Secure communications between peers using a verified virtual trusted platform module
US10474446B2 (en) * 2016-09-16 2019-11-12 Bank Of America Corporation Installation tool for adhering to enterprise requirements
US10491627B1 (en) 2016-09-29 2019-11-26 Fireeye, Inc. Advanced malware detection using similarity analysis
US10795991B1 (en) 2016-11-08 2020-10-06 Fireeye, Inc. Enterprise search
US10587647B1 (en) 2016-11-22 2020-03-10 Fireeye, Inc. Technique for malware detection capability comparison of network security devices
US10552610B1 (en) 2016-12-22 2020-02-04 Fireeye, Inc. Adaptive virtual machine snapshot update framework for malware behavioral analysis
US10581879B1 (en) 2016-12-22 2020-03-03 Fireeye, Inc. Enhanced malware detection for generated objects
US10523609B1 (en) 2016-12-27 2019-12-31 Fireeye, Inc. Multi-vector malware detection and analysis
US10904286B1 (en) 2017-03-24 2021-01-26 Fireeye, Inc. Detection of phishing attacks using similarity analysis
US10554507B1 (en) 2017-03-30 2020-02-04 Fireeye, Inc. Multi-level control for enhanced resource and object evaluation management of malware detection system
US10798112B2 (en) 2017-03-30 2020-10-06 Fireeye, Inc. Attribute-controlled malware detection
US10791138B1 (en) 2017-03-30 2020-09-29 Fireeye, Inc. Subscription-based malware detection
US10902119B1 (en) 2017-03-30 2021-01-26 Fireeye, Inc. Data extraction system for malware analysis
US10503904B1 (en) 2017-06-29 2019-12-10 Fireeye, Inc. Ransomware detection and mitigation
US10601848B1 (en) 2017-06-29 2020-03-24 Fireeye, Inc. Cyber-security system and method for weak indicator detection and correlation to generate strong indicators
US10855700B1 (en) 2017-06-29 2020-12-01 Fireeye, Inc. Post-intrusion detection of cyber-attacks during lateral movement within networks
US10893068B1 (en) 2017-06-30 2021-01-12 Fireeye, Inc. Ransomware file modification prevention technique
JP6829168B2 (ja) * 2017-09-04 2021-02-10 株式会社東芝 情報処理装置、情報処理方法およびプログラム
US10747872B1 (en) 2017-09-27 2020-08-18 Fireeye, Inc. System and method for preventing malware evasion
US10805346B2 (en) 2017-10-01 2020-10-13 Fireeye, Inc. Phishing attack detection
US11108809B2 (en) 2017-10-27 2021-08-31 Fireeye, Inc. System and method for analyzing binary code for malware classification using artificial neural network techniques
US11240275B1 (en) 2017-12-28 2022-02-01 Fireeye Security Holdings Us Llc Platform and method for performing cybersecurity analyses employing an intelligence hub with a modular architecture
US11005860B1 (en) 2017-12-28 2021-05-11 Fireeye, Inc. Method and system for efficient cybersecurity analysis of endpoint events
US11271955B2 (en) 2017-12-28 2022-03-08 Fireeye Security Holdings Us Llc Platform and method for retroactive reclassification employing a cybersecurity-based global data store
US10728034B2 (en) 2018-02-23 2020-07-28 Webroot Inc. Security privilege escalation exploit detection and mitigation
US10826931B1 (en) 2018-03-29 2020-11-03 Fireeye, Inc. System and method for predicting and mitigating cybersecurity system misconfigurations
US10956477B1 (en) 2018-03-30 2021-03-23 Fireeye, Inc. System and method for detecting malicious scripts through natural language processing modeling
US11003773B1 (en) 2018-03-30 2021-05-11 Fireeye, Inc. System and method for automatically generating malware detection rule recommendations
US11558401B1 (en) 2018-03-30 2023-01-17 Fireeye Security Holdings Us Llc Multi-vector malware detection data sharing system for improved detection
US11075930B1 (en) 2018-06-27 2021-07-27 Fireeye, Inc. System and method for detecting repetitive cybersecurity attacks constituting an email campaign
US11314859B1 (en) 2018-06-27 2022-04-26 FireEye Security Holdings, Inc. Cyber-security system and method for detecting escalation of privileges within an access token
US11228491B1 (en) 2018-06-28 2022-01-18 Fireeye Security Holdings Us Llc System and method for distributed cluster configuration monitoring and management
US11316900B1 (en) 2018-06-29 2022-04-26 FireEye Security Holdings Inc. System and method for automatically prioritizing rules for cyber-threat detection and mitigation
US11182473B1 (en) 2018-09-13 2021-11-23 Fireeye Security Holdings Us Llc System and method for mitigating cyberattacks against processor operability by a guest process
US11763004B1 (en) 2018-09-27 2023-09-19 Fireeye Security Holdings Us Llc System and method for bootkit detection
US11743290B2 (en) 2018-12-21 2023-08-29 Fireeye Security Holdings Us Llc System and method for detecting cyberattacks impersonating legitimate sources
US12074887B1 (en) 2018-12-21 2024-08-27 Musarubra Us Llc System and method for selectively processing content after identification and removal of malicious content
US11176251B1 (en) 2018-12-21 2021-11-16 Fireeye, Inc. Determining malware via symbolic function hash analysis
US11368475B1 (en) 2018-12-21 2022-06-21 Fireeye Security Holdings Us Llc System and method for scanning remote services to locate stored objects with malware
US11601444B1 (en) 2018-12-31 2023-03-07 Fireeye Security Holdings Us Llc Automated system for triage of customer issues
US10642715B1 (en) * 2019-02-21 2020-05-05 Cyberark Software Ltd. Dynamic authorization of requested actions using adaptive context-based matching
US11310238B1 (en) 2019-03-26 2022-04-19 FireEye Security Holdings, Inc. System and method for retrieval and analysis of operational data from customer, cloud-hosted virtual resources
US11314863B2 (en) 2019-03-27 2022-04-26 Webroot, Inc. Behavioral threat detection definition and compilation
US11677786B1 (en) 2019-03-29 2023-06-13 Fireeye Security Holdings Us Llc System and method for detecting and protecting against cybersecurity attacks on servers
US11636198B1 (en) 2019-03-30 2023-04-25 Fireeye Security Holdings Us Llc System and method for cybersecurity analyzer update and concurrent management system
US11258806B1 (en) 2019-06-24 2022-02-22 Mandiant, Inc. System and method for automatically associating cybersecurity intelligence to cyberthreat actors
US11556640B1 (en) 2019-06-27 2023-01-17 Mandiant, Inc. Systems and methods for automated cybersecurity analysis of extracted binary string sets
US11392700B1 (en) 2019-06-28 2022-07-19 Fireeye Security Holdings Us Llc System and method for supporting cross-platform data verification
US12445458B1 (en) 2019-06-28 2025-10-14 Google Llc System and method for identifying malicious hosts prior to commencement of a cyber-attack
US12200013B2 (en) 2019-08-07 2025-01-14 Musarubra Us Llc System and method for detecting cyberattacks impersonating legitimate sources
US11886585B1 (en) 2019-09-27 2024-01-30 Musarubra Us Llc System and method for identifying and mitigating cyberattacks through malicious position-independent code execution
US11637862B1 (en) 2019-09-30 2023-04-25 Mandiant, Inc. System and method for surfacing cyber-security threats with a self-learning recommendation engine
US11838300B1 (en) 2019-12-24 2023-12-05 Musarubra Us Llc Run-time configurable cybersecurity system
US11436327B1 (en) 2019-12-24 2022-09-06 Fireeye Security Holdings Us Llc System and method for circumventing evasive code for cyberthreat detection
US11522884B1 (en) 2019-12-24 2022-12-06 Fireeye Security Holdings Us Llc Subscription and key management system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999066386A1 (en) * 1998-06-18 1999-12-23 Babak Ahmadi Bait software
CN1314638A (zh) * 2001-04-29 2001-09-26 北京瑞星科技股份有限公司 检测和清除已知及未知计算机病毒的方法、系统和介质
WO2002006928A2 (en) * 2000-07-14 2002-01-24 Vcis, Inc. Computer immune system and method for detecting unwanted code in a computer system
WO2002027440A2 (en) * 2000-09-26 2002-04-04 Koninklijke Philips Electronics N.V. Security monitor of system running software simulator in parallel
WO2002037740A2 (en) * 2000-11-02 2002-05-10 Koninklijke Philips Electronics N.V. Visual anti-virus in a network control environment

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5398196A (en) 1993-07-29 1995-03-14 Chambers; David A. Method and apparatus for detection of computer viruses
WO1995033237A1 (en) 1994-06-01 1995-12-07 Quantum Leap Innovations Inc. Computer virus trap
US5636371A (en) 1995-06-07 1997-06-03 Bull Hn Information Systems Inc. Virtual network mechanism to access well known port application programs running on a single host system
US5734865A (en) 1995-06-07 1998-03-31 Bull Hn Information Systems Inc. Virtual local area network well-known port routing mechanism for mult--emulators in an open system environment
US6006328A (en) * 1995-07-14 1999-12-21 Christopher N. Drake Computer software authentication, protection, and security system
US5889943A (en) * 1995-09-26 1999-03-30 Trend Micro Incorporated Apparatus and method for electronic mail virus detection and elimination
US5826013A (en) 1995-09-28 1998-10-20 Symantec Corporation Polymorphic virus detection module
US5812826A (en) 1996-06-27 1998-09-22 Mci Communications Corporation Method and apparatus for emulating a network of state monitoring devices
US5978917A (en) 1997-08-14 1999-11-02 Symantec Corporation Detection and elimination of macro viruses
US6192512B1 (en) 1998-09-24 2001-02-20 International Business Machines Corporation Interpreter with virtualized interface
US6321338B1 (en) * 1998-11-09 2001-11-20 Sri International Network surveillance
US6842861B1 (en) * 2000-03-24 2005-01-11 Networks Associates Technology, Inc. Method and system for detecting viruses on handheld computers
US7328349B2 (en) * 2001-12-14 2008-02-05 Bbn Technologies Corp. Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US6981279B1 (en) 2000-08-17 2005-12-27 International Business Machines Corporation Method and apparatus for replicating and analyzing worm programs
US6981278B1 (en) * 2000-09-05 2005-12-27 Sterling Commerce, Inc. System and method for secure dual channel communication through a firewall
US6886099B1 (en) * 2000-09-12 2005-04-26 Networks Associates Technology, Inc. Computer virus detection
JP2002182942A (ja) * 2000-12-18 2002-06-28 Yokogawa Electric Corp コンテンツ認証システム
US6766475B2 (en) * 2001-01-04 2004-07-20 International Business Machines Corporation Method and apparatus for exercising an unknown program with a graphical user interface
GB2371125A (en) * 2001-01-13 2002-07-17 Secr Defence Computer protection system
US7421587B2 (en) * 2001-07-26 2008-09-02 Mcafee, Inc. Detecting computer programs within packed computer files
US7340774B2 (en) * 2001-10-15 2008-03-04 Mcafee, Inc. Malware scanning as a low priority task
US6772345B1 (en) * 2002-02-08 2004-08-03 Networks Associates Technology, Inc. Protocol-level malware scanner
US6785820B1 (en) * 2002-04-02 2004-08-31 Networks Associates Technology, Inc. System, method and computer program product for conditionally updating a security program
US7103913B2 (en) * 2002-05-08 2006-09-05 International Business Machines Corporation Method and apparatus for determination of the non-replicative behavior of a malicious program
US7379857B2 (en) * 2002-05-10 2008-05-27 Lockheed Martin Corporation Method and system for simulating computer networks to facilitate testing of computer network security
US7370360B2 (en) * 2002-05-13 2008-05-06 International Business Machines Corporation Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine
US20040093514A1 (en) * 2002-11-08 2004-05-13 International Business Machines Corporation Method for automatically isolating worm and hacker attacks within a local area network
US20040111531A1 (en) * 2002-12-06 2004-06-10 Stuart Staniford Method and system for reducing the rate of infection of a communications network by a software worm
US7418730B2 (en) * 2002-12-17 2008-08-26 International Business Machines Corporation Automatic client responses to worm or hacker attacks
US7552473B2 (en) * 2003-08-12 2009-06-23 Symantec Corporation Detecting and blocking drive sharing worms
US7752662B2 (en) * 2004-02-20 2010-07-06 Imperva, Inc. Method and apparatus for high-speed detection and blocking of zero day worm attacks
JP4480422B2 (ja) * 2004-03-05 2010-06-16 富士通株式会社 不正アクセス阻止方法、装置及びシステム並びにプログラム
US7603715B2 (en) * 2004-07-21 2009-10-13 Microsoft Corporation Containment of worms
US7797749B2 (en) * 2004-11-03 2010-09-14 Intel Corporation Defending against worm or virus attacks on networks
US7810158B2 (en) * 2004-12-16 2010-10-05 At&T Intellectual Property I, L.P. Methods and systems for deceptively trapping electronic worms
KR100690187B1 (ko) * 2005-06-21 2007-03-09 주식회사 안철수연구소 악성 코드 차단 방법 및 장치 및 그 시스템
KR100642716B1 (ko) * 2005-08-22 2006-11-10 이채현 에이알피 패킷을 이용한 웜 탐지 방법 및 그 장치
WO2007038517A1 (en) * 2005-09-26 2007-04-05 Wiresoft, Inc. Methods, software and apparatus for detecting and neutralizing viruses from computer systems and networks

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999066386A1 (en) * 1998-06-18 1999-12-23 Babak Ahmadi Bait software
WO2002006928A2 (en) * 2000-07-14 2002-01-24 Vcis, Inc. Computer immune system and method for detecting unwanted code in a computer system
WO2002027440A2 (en) * 2000-09-26 2002-04-04 Koninklijke Philips Electronics N.V. Security monitor of system running software simulator in parallel
WO2002037740A2 (en) * 2000-11-02 2002-05-10 Koninklijke Philips Electronics N.V. Visual anti-virus in a network control environment
CN1314638A (zh) * 2001-04-29 2001-09-26 北京瑞星科技股份有限公司 检测和清除已知及未知计算机病毒的方法、系统和介质

Also Published As

Publication number Publication date
WO2004010269A3 (en) 2004-03-11
WO2004010269A2 (en) 2004-01-29
EP1543396B1 (en) 2007-02-07
TW200404203A (en) 2004-03-16
US7487543B2 (en) 2009-02-03
JP2005534092A (ja) 2005-11-10
DE60311666T2 (de) 2007-11-22
TWI225985B (en) 2005-01-01
DE60311666D1 (de) 2007-03-22
EP1543396A2 (en) 2005-06-22
ATE353452T1 (de) 2007-02-15
US7996905B2 (en) 2011-08-09
US20040019832A1 (en) 2004-01-29
US20080189787A1 (en) 2008-08-07
AU2003244875A1 (en) 2004-02-09
CN1672111A (zh) 2005-09-21

Similar Documents

Publication Publication Date Title
CN1318932C (zh) 用于自动确定程序的潜在蠕虫样行为的方法与装置
US12032956B2 (en) Techniques to deploy an application as a cloud computing service
Balci Requirements for model development environments
Dunn Software defect removal
TWI438690B (zh) 用於執行多個資訊處理系統間的虛擬機器遷移之方法及裝置,以及資訊技術系統
US7398514B2 (en) Test automation stack layering
US8091066B2 (en) Automated multi-platform build and test environment for software application development
US10255086B2 (en) Determining optimal methods for creating virtual machines
US11487878B1 (en) Identifying cooperating processes for automated containerization
CN103399812A (zh) 基于Xen硬件虚拟化的磁盘文件操作监控系统及监控方法
US11442765B1 (en) Identifying dependencies for processes for automated containerization
US9256509B1 (en) Computing environment analyzer
US10572247B2 (en) Prototype management system
US20170091076A1 (en) Debugging remote vertex code on test machine
US11755458B2 (en) Automatic software behavior identification using execution record
WO2024258890A1 (en) Automated code scanning for pre-emptive issue detection and resolution
US20230195455A1 (en) Automated Developer Governance System
US20240303184A1 (en) Intelligent test case management in computer software applications
US11429871B2 (en) Detection of data offloading through instrumentation analysis
JP7328922B2 (ja) 設定装置、設定方法、及びプログラム
US20250004756A1 (en) Software deployment pipeline evaluation using presence of designated functions
US20250036548A1 (en) Determining non-functional requirements (nfr) from a run time environment and incorporating into a development cycle
CN105718341A (zh) 一种测试的方法及管理装置
Bruno et al. Podman vs Docker comparison via R Shiny project deployment
KR20050016662A (ko) 잠재적 악성 작용의 자동 판정 방법, 데이터 처리 시스템 및 컴퓨터 판독 가능 기록 매체

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: TREND TECHNOLOGY CORP.

Free format text: FORMER OWNER: INTERNATIONAL BUSINESS MACHINES CORP.

Effective date: 20100715

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: NEW YORK, THE USA TO: TOKYO METROPOLIS, JAPAN

TR01 Transfer of patent right

Effective date of registration: 20100715

Address after: Tokyo, Japan

Patentee after: Trend Micro Inc.

Address before: American New York

Patentee before: International Business Machines Corp.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20190118

Address after: California, USA

Patentee after: Finn Limited by Share Ltd.

Address before: Tokyo, Japan

Patentee before: Trend Micro Inc.

CX01 Expiry of patent term

Granted publication date: 20070530

CX01 Expiry of patent term