JP5562961B2 - マルウェア検知のシステムおよび方法 - Google Patents

マルウェア検知のシステムおよび方法 Download PDF

Info

Publication number
JP5562961B2
JP5562961B2 JP2011525271A JP2011525271A JP5562961B2 JP 5562961 B2 JP5562961 B2 JP 5562961B2 JP 2011525271 A JP2011525271 A JP 2011525271A JP 2011525271 A JP2011525271 A JP 2011525271A JP 5562961 B2 JP5562961 B2 JP 5562961B2
Authority
JP
Japan
Prior art keywords
knowledge base
expert system
instruction sequence
sequence
rules
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2011525271A
Other languages
English (en)
Japanese (ja)
Other versions
JP2012501504A (ja
JP2012501504A5 (enExample
Inventor
ヒックス、ライアン
Original Assignee
エーブイジー テクノロジーズ シーゼット、エス.アール.オー.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by エーブイジー テクノロジーズ シーゼット、エス.アール.オー. filed Critical エーブイジー テクノロジーズ シーゼット、エス.アール.オー.
Publication of JP2012501504A publication Critical patent/JP2012501504A/ja
Publication of JP2012501504A5 publication Critical patent/JP2012501504A5/ja
Application granted granted Critical
Publication of JP5562961B2 publication Critical patent/JP5562961B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/02Knowledge representation; Symbolic representation

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Artificial Intelligence (AREA)
  • Mathematical Physics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Stored Programmes (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Machine Translation (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
JP2011525271A 2008-08-29 2009-08-31 マルウェア検知のシステムおよび方法 Active JP5562961B2 (ja)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US9284808P 2008-08-29 2008-08-29
US61/092,848 2008-08-29
US12/550,025 US20100058474A1 (en) 2008-08-29 2009-08-28 System and method for the detection of malware
US12/550,025 2009-08-28
PCT/US2009/055524 WO2010025453A1 (en) 2008-08-29 2009-08-31 System and method for detection of malware

Publications (3)

Publication Number Publication Date
JP2012501504A JP2012501504A (ja) 2012-01-19
JP2012501504A5 JP2012501504A5 (enExample) 2013-05-23
JP5562961B2 true JP5562961B2 (ja) 2014-07-30

Family

ID=41721978

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2011525271A Active JP5562961B2 (ja) 2008-08-29 2009-08-31 マルウェア検知のシステムおよび方法

Country Status (12)

Country Link
US (2) US20100058474A1 (enExample)
EP (1) EP2340488A4 (enExample)
JP (1) JP5562961B2 (enExample)
CN (1) CN102203791A (enExample)
AU (1) AU2009287433B2 (enExample)
BR (1) BRPI0913145A2 (enExample)
CA (1) CA2735600C (enExample)
MY (1) MY165418A (enExample)
RU (1) RU2497189C2 (enExample)
SG (1) SG193808A1 (enExample)
WO (1) WO2010025453A1 (enExample)
ZA (1) ZA201101745B (enExample)

Families Citing this family (181)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7051322B2 (en) 2002-12-06 2006-05-23 @Stake, Inc. Software analysis framework
US7587537B1 (en) 2007-11-30 2009-09-08 Altera Corporation Serializer-deserializer circuits formed from input-output circuit registers
US8881282B1 (en) 2004-04-01 2014-11-04 Fireeye, Inc. Systems and methods for malware attack detection and identification
US8528086B1 (en) 2004-04-01 2013-09-03 Fireeye, Inc. System and method of detecting computer worms
US8793787B2 (en) 2004-04-01 2014-07-29 Fireeye, Inc. Detecting malicious network content using virtual environment components
US9106694B2 (en) 2004-04-01 2015-08-11 Fireeye, Inc. Electronic message analysis for malware detection
US8566946B1 (en) 2006-04-20 2013-10-22 Fireeye, Inc. Malware containment on connection
US8549638B2 (en) 2004-06-14 2013-10-01 Fireeye, Inc. System and method of containing computer worms
US8539582B1 (en) 2004-04-01 2013-09-17 Fireeye, Inc. Malware containment and security analysis on connection
US8171553B2 (en) 2004-04-01 2012-05-01 Fireeye, Inc. Heuristic based capture with replay to virtual machine
US8613080B2 (en) 2007-02-16 2013-12-17 Veracode, Inc. Assessment and analysis of software security flaws in virtual machines
US8732455B2 (en) * 2008-07-25 2014-05-20 Infotect Security Pte Ltd Method and system for securing against leakage of source code
US8997219B2 (en) 2008-11-03 2015-03-31 Fireeye, Inc. Systems and methods for detecting malicious PDF network content
US8850571B2 (en) 2008-11-03 2014-09-30 Fireeye, Inc. Systems and methods for detecting malicious network content
US8832829B2 (en) * 2009-09-30 2014-09-09 Fireeye, Inc. Network-based binary file extraction and analysis for malware detection
EP2610776B1 (en) 2011-09-16 2019-08-21 Veracode, Inc. Automated behavioural and static analysis using an instrumented sandbox and machine learning classification for mobile security
RU2011138462A (ru) * 2011-09-20 2013-04-10 Закрытое акционерное общество "Лаборатория Касперского" Использование решений пользователей для обнаружения неизвестных компьютерных угроз
US8533836B2 (en) * 2012-01-13 2013-09-10 Accessdata Group, Llc Identifying software execution behavior
US9286063B2 (en) 2012-02-22 2016-03-15 Veracode, Inc. Methods and systems for providing feedback and suggested programming methods
US9519782B2 (en) 2012-02-24 2016-12-13 Fireeye, Inc. Detecting malicious network content
CN102663281B (zh) * 2012-03-16 2015-03-18 华为数字技术(成都)有限公司 检测恶意软件的方法和装置
CN103065090B (zh) * 2012-12-20 2016-03-23 广东欧珀移动通信有限公司 一种应用程序恶意广告拦截方法及装置
TWI461952B (zh) * 2012-12-26 2014-11-21 Univ Nat Taiwan Science Tech 惡意程式偵測方法與系統
US10572665B2 (en) 2012-12-28 2020-02-25 Fireeye, Inc. System and method to create a number of breakpoints in a virtual machine via virtual machine trapping events
US9195829B1 (en) 2013-02-23 2015-11-24 Fireeye, Inc. User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications
US9009822B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for multi-phase analysis of mobile applications
US9009823B1 (en) 2013-02-23 2015-04-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications installed on mobile devices
US9367681B1 (en) 2013-02-23 2016-06-14 Fireeye, Inc. Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application
US9159035B1 (en) 2013-02-23 2015-10-13 Fireeye, Inc. Framework for computer application analysis of sensitive information tracking
US9176843B1 (en) 2013-02-23 2015-11-03 Fireeye, Inc. Framework for efficient security coverage of mobile software applications
US8990944B1 (en) 2013-02-23 2015-03-24 Fireeye, Inc. Systems and methods for automatically detecting backdoors
US9824209B1 (en) 2013-02-23 2017-11-21 Fireeye, Inc. Framework for efficient security coverage of mobile software applications that is usable to harden in the field code
US9104867B1 (en) 2013-03-13 2015-08-11 Fireeye, Inc. Malicious content analysis using simulated user interaction without user involvement
US9565202B1 (en) 2013-03-13 2017-02-07 Fireeye, Inc. System and method for detecting exfiltration content
US9355247B1 (en) 2013-03-13 2016-05-31 Fireeye, Inc. File extraction from memory dump for malicious content analysis
US9626509B1 (en) 2013-03-13 2017-04-18 Fireeye, Inc. Malicious content analysis with multi-version application support within single operating environment
US9430646B1 (en) 2013-03-14 2016-08-30 Fireeye, Inc. Distributed systems and methods for automatically detecting unknown bots and botnets
US9311479B1 (en) 2013-03-14 2016-04-12 Fireeye, Inc. Correlation and consolidation of analytic data for holistic view of a malware attack
US9251343B1 (en) 2013-03-15 2016-02-02 Fireeye, Inc. Detecting bootkits resident on compromised computers
US10713358B2 (en) 2013-03-15 2020-07-14 Fireeye, Inc. System and method to extract and utilize disassembly features to classify software intent
WO2014145805A1 (en) 2013-03-15 2014-09-18 Mandiant, Llc System and method employing structured intelligence to verify and contain threats at endpoints
RU2531861C1 (ru) * 2013-04-26 2014-10-27 Закрытое акционерное общество "Лаборатория Касперского" Система и способ оценки вредоносности кода, исполняемого в адресном пространстве доверенного процесса
US9495180B2 (en) 2013-05-10 2016-11-15 Fireeye, Inc. Optimized resource allocation for virtual machines within a malware content detection system
US9635039B1 (en) 2013-05-13 2017-04-25 Fireeye, Inc. Classifying sets of malicious indicators for detecting command and control communications associated with malware
US9536091B2 (en) 2013-06-24 2017-01-03 Fireeye, Inc. System and method for detecting time-bomb malware
US10133863B2 (en) 2013-06-24 2018-11-20 Fireeye, Inc. Zero-day discovery system
US9300686B2 (en) 2013-06-28 2016-03-29 Fireeye, Inc. System and method for detecting malicious links in electronic messages
US9888016B1 (en) 2013-06-28 2018-02-06 Fireeye, Inc. System and method for detecting phishing using password prediction
US9171160B2 (en) 2013-09-30 2015-10-27 Fireeye, Inc. Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses
US9628507B2 (en) 2013-09-30 2017-04-18 Fireeye, Inc. Advanced persistent threat (APT) detection center
US10192052B1 (en) 2013-09-30 2019-01-29 Fireeye, Inc. System, apparatus and method for classifying a file as malicious using static scanning
US9294501B2 (en) 2013-09-30 2016-03-22 Fireeye, Inc. Fuzzy hash of behavioral results
US9690936B1 (en) 2013-09-30 2017-06-27 Fireeye, Inc. Multistage system and method for analyzing obfuscated content for malware
US10089461B1 (en) 2013-09-30 2018-10-02 Fireeye, Inc. Page replacement code injection
US10515214B1 (en) 2013-09-30 2019-12-24 Fireeye, Inc. System and method for classifying malware within content created during analysis of a specimen
US9736179B2 (en) 2013-09-30 2017-08-15 Fireeye, Inc. System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection
US9189627B1 (en) 2013-11-21 2015-11-17 Fireeye, Inc. System, apparatus and method for conducting on-the-fly decryption of encrypted objects for malware detection
US9756074B2 (en) 2013-12-26 2017-09-05 Fireeye, Inc. System and method for IPS and VM-based detection of suspicious objects
US9747446B1 (en) 2013-12-26 2017-08-29 Fireeye, Inc. System and method for run-time object classification
US9740857B2 (en) 2014-01-16 2017-08-22 Fireeye, Inc. Threat-aware microvisor
US9262635B2 (en) 2014-02-05 2016-02-16 Fireeye, Inc. Detection efficacy of virtual machine-based analysis with application specific events
US9241010B1 (en) 2014-03-20 2016-01-19 Fireeye, Inc. System and method for network behavior detection
US10242185B1 (en) 2014-03-21 2019-03-26 Fireeye, Inc. Dynamic guest image creation and rollback
US9591015B1 (en) 2014-03-28 2017-03-07 Fireeye, Inc. System and method for offloading packet processing and static analysis operations
US9432389B1 (en) 2014-03-31 2016-08-30 Fireeye, Inc. System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object
US9223972B1 (en) 2014-03-31 2015-12-29 Fireeye, Inc. Dynamically remote tuning of a malware content detection system
US9594912B1 (en) 2014-06-06 2017-03-14 Fireeye, Inc. Return-oriented programming detection
CN106537333A (zh) * 2014-06-13 2017-03-22 查尔斯斯塔克德拉珀实验室公司 用于软件产物的数据库的系统和方法
US10084813B2 (en) 2014-06-24 2018-09-25 Fireeye, Inc. Intrusion prevention and remedy system
US9398028B1 (en) 2014-06-26 2016-07-19 Fireeye, Inc. System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers
US10805340B1 (en) 2014-06-26 2020-10-13 Fireeye, Inc. Infection vector and malware tracking with an interactive user display
US10002252B2 (en) 2014-07-01 2018-06-19 Fireeye, Inc. Verification of trusted threat-aware microvisor
US10360378B2 (en) 2014-08-22 2019-07-23 Nec Corporation Analysis device, analysis method and computer-readable recording medium
US10671726B1 (en) 2014-09-22 2020-06-02 Fireeye Inc. System and method for malware analysis using thread-level event monitoring
US9773112B1 (en) 2014-09-29 2017-09-26 Fireeye, Inc. Exploit detection of malware and malware families
US10027689B1 (en) 2014-09-29 2018-07-17 Fireeye, Inc. Interactive infection visualization for improved exploit detection and signature generation for malware and malware families
US9197665B1 (en) * 2014-10-31 2015-11-24 Cyberpoint International Llc Similarity search and malware prioritization
US9690933B1 (en) 2014-12-22 2017-06-27 Fireeye, Inc. Framework for classifying an object as malicious with machine learning for deploying updated predictive models
US10075455B2 (en) 2014-12-26 2018-09-11 Fireeye, Inc. Zero-day rotating guest image profile
US9934376B1 (en) 2014-12-29 2018-04-03 Fireeye, Inc. Malware detection appliance architecture
US9838417B1 (en) 2014-12-30 2017-12-05 Fireeye, Inc. Intelligent context aware user interaction for malware detection
US10148693B2 (en) 2015-03-25 2018-12-04 Fireeye, Inc. Exploit detection system
US9690606B1 (en) 2015-03-25 2017-06-27 Fireeye, Inc. Selective system call monitoring
US9438613B1 (en) 2015-03-30 2016-09-06 Fireeye, Inc. Dynamic content activation for automated analysis of embedded objects
US10417031B2 (en) 2015-03-31 2019-09-17 Fireeye, Inc. Selective virtualization for security threat detection
US9483644B1 (en) 2015-03-31 2016-11-01 Fireeye, Inc. Methods for detecting file altering malware in VM based analysis
JP7194499B2 (ja) * 2015-03-31 2022-12-22 ダウ グローバル テクノロジーズ エルエルシー 情報通信ケーブルのためのフラッディング化合物
US10474813B1 (en) 2015-03-31 2019-11-12 Fireeye, Inc. Code injection technique for remediation at an endpoint of a network
US9654485B1 (en) 2015-04-13 2017-05-16 Fireeye, Inc. Analytics-based security monitoring system and method
US9594904B1 (en) 2015-04-23 2017-03-14 Fireeye, Inc. Detecting malware based on reflection
US9516055B1 (en) * 2015-05-29 2016-12-06 Trend Micro Incorporated Automatic malware signature extraction from runtime information
CN104869170B (zh) * 2015-05-29 2018-11-13 四川效率源信息安全技术股份有限公司 针对uc浏览器加密数据文件的解密方法
US11113086B1 (en) 2015-06-30 2021-09-07 Fireeye, Inc. Virtual system and method for securing external network connectivity
US10726127B1 (en) 2015-06-30 2020-07-28 Fireeye, Inc. System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer
US10642753B1 (en) 2015-06-30 2020-05-05 Fireeye, Inc. System and method for protecting a software component running in virtual machine using a virtualization layer
US10454950B1 (en) 2015-06-30 2019-10-22 Fireeye, Inc. Centralized aggregation technique for detecting lateral movement of stealthy cyber-attacks
US10715542B1 (en) 2015-08-14 2020-07-14 Fireeye, Inc. Mobile application risk analysis
US10176321B2 (en) 2015-09-22 2019-01-08 Fireeye, Inc. Leveraging behavior-based rules for malware family classification
US10033747B1 (en) 2015-09-29 2018-07-24 Fireeye, Inc. System and method for detecting interpreter-based exploit attacks
US10210329B1 (en) 2015-09-30 2019-02-19 Fireeye, Inc. Method to detect application execution hijacking using memory protection
US10601865B1 (en) 2015-09-30 2020-03-24 Fireeye, Inc. Detection of credential spearphishing attacks using email analysis
US9825976B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Detection and classification of exploit kits
US10817606B1 (en) 2015-09-30 2020-10-27 Fireeye, Inc. Detecting delayed activation malware using a run-time monitoring agent and time-dilation logic
US9825989B1 (en) 2015-09-30 2017-11-21 Fireeye, Inc. Cyber attack early warning system
US10706149B1 (en) 2015-09-30 2020-07-07 Fireeye, Inc. Detecting delayed activation malware using a primary controller and plural time controllers
US10284575B2 (en) 2015-11-10 2019-05-07 Fireeye, Inc. Launcher for setting analysis environment variations for malware detection
RU2613535C1 (ru) * 2015-11-20 2017-03-16 Илья Самуилович Рабинович Способ обнаружения вредоносных программ и элементов
US10846117B1 (en) 2015-12-10 2020-11-24 Fireeye, Inc. Technique for establishing secure communication between host and guest processes of a virtualization architecture
US10447728B1 (en) 2015-12-10 2019-10-15 Fireeye, Inc. Technique for protecting guest processes using a layered virtualization architecture
US10108446B1 (en) 2015-12-11 2018-10-23 Fireeye, Inc. Late load technique for deploying a virtualization layer underneath a running operating system
US10133866B1 (en) 2015-12-30 2018-11-20 Fireeye, Inc. System and method for triggering analysis of an object for malware in response to modification of that object
US10050998B1 (en) 2015-12-30 2018-08-14 Fireeye, Inc. Malicious message analysis system
US10621338B1 (en) 2015-12-30 2020-04-14 Fireeye, Inc. Method to detect forgery and exploits using last branch recording registers
US10565378B1 (en) 2015-12-30 2020-02-18 Fireeye, Inc. Exploit of privilege detection framework
US9824216B1 (en) 2015-12-31 2017-11-21 Fireeye, Inc. Susceptible environment detection system
US10581874B1 (en) 2015-12-31 2020-03-03 Fireeye, Inc. Malware detection system with contextual analysis
US11552986B1 (en) 2015-12-31 2023-01-10 Fireeye Security Holdings Us Llc Cyber-security framework for application of virtual features
US10785255B1 (en) 2016-03-25 2020-09-22 Fireeye, Inc. Cluster configuration within a scalable malware detection system
US10616266B1 (en) 2016-03-25 2020-04-07 Fireeye, Inc. Distributed malware detection system and submission workflow thereof
US10671721B1 (en) 2016-03-25 2020-06-02 Fireeye, Inc. Timeout management services
US10601863B1 (en) 2016-03-25 2020-03-24 Fireeye, Inc. System and method for managing sensor enrollment
US10826933B1 (en) 2016-03-31 2020-11-03 Fireeye, Inc. Technique for verifying exploit/malware at malware detection appliance through correlation with endpoints
US10893059B1 (en) 2016-03-31 2021-01-12 Fireeye, Inc. Verification and enhancement using detection systems located at the network periphery and endpoint devices
US10169585B1 (en) 2016-06-22 2019-01-01 Fireeye, Inc. System and methods for advanced malware detection through placement of transition events
US10462173B1 (en) 2016-06-30 2019-10-29 Fireeye, Inc. Malware detection verification and enhancement by coordinating endpoint and malware detection systems
US10592678B1 (en) 2016-09-09 2020-03-17 Fireeye, Inc. Secure communications between peers using a verified virtual trusted platform module
US10491627B1 (en) 2016-09-29 2019-11-26 Fireeye, Inc. Advanced malware detection using similarity analysis
US10795991B1 (en) 2016-11-08 2020-10-06 Fireeye, Inc. Enterprise search
US10587647B1 (en) 2016-11-22 2020-03-10 Fireeye, Inc. Technique for malware detection capability comparison of network security devices
US10552610B1 (en) 2016-12-22 2020-02-04 Fireeye, Inc. Adaptive virtual machine snapshot update framework for malware behavioral analysis
US10581879B1 (en) 2016-12-22 2020-03-03 Fireeye, Inc. Enhanced malware detection for generated objects
US10523609B1 (en) 2016-12-27 2019-12-31 Fireeye, Inc. Multi-vector malware detection and analysis
US10904286B1 (en) 2017-03-24 2021-01-26 Fireeye, Inc. Detection of phishing attacks using similarity analysis
US10798112B2 (en) 2017-03-30 2020-10-06 Fireeye, Inc. Attribute-controlled malware detection
US10848397B1 (en) 2017-03-30 2020-11-24 Fireeye, Inc. System and method for enforcing compliance with subscription requirements for cyber-attack detection service
US10902119B1 (en) 2017-03-30 2021-01-26 Fireeye, Inc. Data extraction system for malware analysis
US10791138B1 (en) 2017-03-30 2020-09-29 Fireeye, Inc. Subscription-based malware detection
US10503904B1 (en) 2017-06-29 2019-12-10 Fireeye, Inc. Ransomware detection and mitigation
US10855700B1 (en) 2017-06-29 2020-12-01 Fireeye, Inc. Post-intrusion detection of cyber-attacks during lateral movement within networks
US10601848B1 (en) 2017-06-29 2020-03-24 Fireeye, Inc. Cyber-security system and method for weak indicator detection and correlation to generate strong indicators
US10893068B1 (en) 2017-06-30 2021-01-12 Fireeye, Inc. Ransomware file modification prevention technique
JP6748785B2 (ja) * 2017-08-18 2020-09-02 日本電信電話株式会社 不正侵入防止装置、不正侵入防止方法、およびプログラム
US10747872B1 (en) 2017-09-27 2020-08-18 Fireeye, Inc. System and method for preventing malware evasion
US10805346B2 (en) 2017-10-01 2020-10-13 Fireeye, Inc. Phishing attack detection
US11108809B2 (en) 2017-10-27 2021-08-31 Fireeye, Inc. System and method for analyzing binary code for malware classification using artificial neural network techniques
US11271955B2 (en) 2017-12-28 2022-03-08 Fireeye Security Holdings Us Llc Platform and method for retroactive reclassification employing a cybersecurity-based global data store
US11240275B1 (en) 2017-12-28 2022-02-01 Fireeye Security Holdings Us Llc Platform and method for performing cybersecurity analyses employing an intelligence hub with a modular architecture
US11005860B1 (en) 2017-12-28 2021-05-11 Fireeye, Inc. Method and system for efficient cybersecurity analysis of endpoint events
US10826931B1 (en) 2018-03-29 2020-11-03 Fireeye, Inc. System and method for predicting and mitigating cybersecurity system misconfigurations
US11003773B1 (en) 2018-03-30 2021-05-11 Fireeye, Inc. System and method for automatically generating malware detection rule recommendations
US10956477B1 (en) 2018-03-30 2021-03-23 Fireeye, Inc. System and method for detecting malicious scripts through natural language processing modeling
US11558401B1 (en) 2018-03-30 2023-01-17 Fireeye Security Holdings Us Llc Multi-vector malware detection data sharing system for improved detection
US11075930B1 (en) 2018-06-27 2021-07-27 Fireeye, Inc. System and method for detecting repetitive cybersecurity attacks constituting an email campaign
US11314859B1 (en) 2018-06-27 2022-04-26 FireEye Security Holdings, Inc. Cyber-security system and method for detecting escalation of privileges within an access token
US11228491B1 (en) 2018-06-28 2022-01-18 Fireeye Security Holdings Us Llc System and method for distributed cluster configuration monitoring and management
US11316900B1 (en) 2018-06-29 2022-04-26 FireEye Security Holdings Inc. System and method for automatically prioritizing rules for cyber-threat detection and mitigation
US11182473B1 (en) 2018-09-13 2021-11-23 Fireeye Security Holdings Us Llc System and method for mitigating cyberattacks against processor operability by a guest process
US11763004B1 (en) 2018-09-27 2023-09-19 Fireeye Security Holdings Us Llc System and method for bootkit detection
US12074887B1 (en) 2018-12-21 2024-08-27 Musarubra Us Llc System and method for selectively processing content after identification and removal of malicious content
US11176251B1 (en) 2018-12-21 2021-11-16 Fireeye, Inc. Determining malware via symbolic function hash analysis
US11368475B1 (en) 2018-12-21 2022-06-21 Fireeye Security Holdings Us Llc System and method for scanning remote services to locate stored objects with malware
US11743290B2 (en) 2018-12-21 2023-08-29 Fireeye Security Holdings Us Llc System and method for detecting cyberattacks impersonating legitimate sources
US11601444B1 (en) 2018-12-31 2023-03-07 Fireeye Security Holdings Us Llc Automated system for triage of customer issues
US11310238B1 (en) 2019-03-26 2022-04-19 FireEye Security Holdings, Inc. System and method for retrieval and analysis of operational data from customer, cloud-hosted virtual resources
US11677786B1 (en) 2019-03-29 2023-06-13 Fireeye Security Holdings Us Llc System and method for detecting and protecting against cybersecurity attacks on servers
US11636198B1 (en) 2019-03-30 2023-04-25 Fireeye Security Holdings Us Llc System and method for cybersecurity analyzer update and concurrent management system
US11258806B1 (en) 2019-06-24 2022-02-22 Mandiant, Inc. System and method for automatically associating cybersecurity intelligence to cyberthreat actors
US11556640B1 (en) 2019-06-27 2023-01-17 Mandiant, Inc. Systems and methods for automated cybersecurity analysis of extracted binary string sets
US11392700B1 (en) 2019-06-28 2022-07-19 Fireeye Security Holdings Us Llc System and method for supporting cross-platform data verification
US12445458B1 (en) 2019-06-28 2025-10-14 Google Llc System and method for identifying malicious hosts prior to commencement of a cyber-attack
US12200013B2 (en) 2019-08-07 2025-01-14 Musarubra Us Llc System and method for detecting cyberattacks impersonating legitimate sources
CN113632432B (zh) * 2019-09-12 2023-09-19 奇安信安全技术(珠海)有限公司 一种攻击行为的判定方法、装置及计算机存储介质
US11886585B1 (en) 2019-09-27 2024-01-30 Musarubra Us Llc System and method for identifying and mitigating cyberattacks through malicious position-independent code execution
US11637862B1 (en) 2019-09-30 2023-04-25 Mandiant, Inc. System and method for surfacing cyber-security threats with a self-learning recommendation engine
CN110704068B (zh) * 2019-10-18 2023-02-17 安徽中科国创高可信软件有限公司 基于数据库进行跨文件协同程序分析的处理方法及系统
US11436327B1 (en) 2019-12-24 2022-09-06 Fireeye Security Holdings Us Llc System and method for circumventing evasive code for cyberthreat detection
US11522884B1 (en) 2019-12-24 2022-12-06 Fireeye Security Holdings Us Llc Subscription and key management system
US11838300B1 (en) 2019-12-24 2023-12-05 Musarubra Us Llc Run-time configurable cybersecurity system
US11528294B2 (en) * 2021-02-18 2022-12-13 SecureworksCorp. Systems and methods for automated threat detection
CN114301725B (zh) * 2021-12-24 2022-11-11 珠海格力电器股份有限公司 设备控制方法、装置、电子设备及存储介质
CN114884686B (zh) * 2022-03-17 2024-03-08 新华三信息安全技术有限公司 一种php威胁识别方法及装置

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5960170A (en) * 1997-03-18 1999-09-28 Trend Micro, Inc. Event triggered iterative virus detection
US6347374B1 (en) * 1998-06-05 2002-02-12 Intrusion.Com, Inc. Event detection
RU22718U1 (ru) * 2001-12-28 2002-04-20 Кулик Сергей Дмитриевич Устройство для реализации и моделирования компьютерного вируса мутанта
US7392543B2 (en) * 2003-06-30 2008-06-24 Symantec Corporation Signature extraction system and method
RU2248608C1 (ru) * 2003-07-22 2005-03-20 Павлов Владимир Павлович Процессор
US20050086526A1 (en) * 2003-10-17 2005-04-21 Panda Software S.L. (Sociedad Unipersonal) Computer implemented method providing software virus infection information in real time
US8528086B1 (en) * 2004-04-01 2013-09-03 Fireeye, Inc. System and method of detecting computer worms
RU2271613C1 (ru) * 2004-09-15 2006-03-10 Военный университет связи Способ защиты вычислительных сетей от несанкционированных воздействий
US7836506B2 (en) * 2004-09-22 2010-11-16 Cyberdefender Corporation Threat protection network
US7636856B2 (en) * 2004-12-06 2009-12-22 Microsoft Corporation Proactive computer malware protection through dynamic translation
JP2006201845A (ja) * 2005-01-18 2006-08-03 Hitachi Software Eng Co Ltd ウィルス感染及び機密情報漏洩防止対策コンピュータ
GB0513375D0 (en) * 2005-06-30 2005-08-03 Retento Ltd Computer security
US20070094734A1 (en) * 2005-09-29 2007-04-26 Mangione-Smith William H Malware mutation detector
WO2007076624A1 (en) * 2005-12-30 2007-07-12 Intel Corporation Virtual machine to detect malicious code
US20070240222A1 (en) * 2006-04-06 2007-10-11 George Tuvell System and Method for Managing Malware Protection on Mobile Devices
US8261344B2 (en) * 2006-06-30 2012-09-04 Sophos Plc Method and system for classification of software using characteristics and combinations of such characteristics
JP2008129714A (ja) * 2006-11-17 2008-06-05 Univ Of Tsukuba 異常検知方法、異常検知装置及び異常検知用プログラム並びに学習モデル生成方法
IL181426A (en) * 2007-02-19 2011-06-30 Deutsche Telekom Ag Automatic removal of signatures for malware

Also Published As

Publication number Publication date
BRPI0913145A2 (pt) 2019-09-24
ZA201101745B (en) 2012-01-25
AU2009287433B2 (en) 2014-06-05
SG193808A1 (en) 2013-10-30
JP2012501504A (ja) 2012-01-19
RU2497189C2 (ru) 2013-10-27
AU2009287433A1 (en) 2010-03-04
US20100058474A1 (en) 2010-03-04
CA2735600C (en) 2018-08-21
WO2010025453A1 (en) 2010-03-04
RU2011111719A (ru) 2012-10-10
EP2340488A4 (en) 2012-07-11
CA2735600A1 (en) 2010-03-04
CN102203791A (zh) 2011-09-28
MY165418A (en) 2018-03-21
US20160012225A1 (en) 2016-01-14
EP2340488A1 (en) 2011-07-06

Similar Documents

Publication Publication Date Title
JP5562961B2 (ja) マルウェア検知のシステムおよび方法
Gorment et al. Machine learning algorithm for malware detection: Taxonomy, current challenges, and future directions
EP2472425B1 (en) System and method for detecting unknown malware
Wassermann et al. Sound and precise analysis of web applications for injection vulnerabilities
Mercaldo et al. Ransomware steals your phone. formal methods rescue it
Xu et al. Automatically evading classifiers
US20100122313A1 (en) Method and system for restricting file access in a computer system
US20060259948A1 (en) Integrated document handling in distributed collaborative applications
US20170061153A1 (en) Selective Policy Based Content Element Obfuscation
US12155686B2 (en) Method, system, and computer program product for automatically mitigating vulnerabilities in source code
JP2013516642A (ja) ネットワークを介して送信されるデータの暗号化および復号化システム、装置、および方法
Ladisa et al. On the feasibility of cross-language detection of malicious packages in npm and pypi
Naidu et al. A syntactic approach for detecting viral polymorphic malware variants
WO2025049586A1 (en) Generative sequence processing models for cybersecurity
Ouarda et al. Towards a better similarity algorithm for host-based intrusion detection system
US12229258B2 (en) System, method, and apparatus for smart whitelisting/blacklisting
Ahuja et al. On preventing SQL injection attacks
Alrabaee et al. Decoupling coding habits from functionality for effective binary authorship attribution
KR101220014B1 (ko) 보안 임계적인 데이터 컨테이너를 제공하기 위한 방법 및컴퓨터 판독가능 매체
Martinelli et al. Model checking to detect the hummingbad malware
HK1162708A (en) System and method for detection of malware
US12513190B2 (en) Snapshot for activity detection and threat analysis
Arıkan et al. Automating shareable cyber threat intelligence production for closed source software vulnerabilities: a deep learning based detection system
US20250240323A1 (en) Snapshot for activity detection and threat analysis
US20250291918A1 (en) Pipeline for rewriting and validating malicious code with generative artificial intelligence

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20120321

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20120321

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20130523

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20131008

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20131009

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20140108

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20140116

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20140208

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20140218

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20140308

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20140317

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140408

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20140513

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20140611

R150 Certificate of patent or registration of utility model

Ref document number: 5562961

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250