首页>
外国专利>
Multi-tiered sandbox based network threat detection
Multi-tiered sandbox based network threat detection
展开▼
机译:基于多层沙箱的网络威胁检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Systems and methods for multi-tiered sandbox based network threat detection are provided. According to one embodiment, a file is received by a computer system. The file is caused to exhibit a first set of behaviors by processing the file within a virtualization application based environment of the computer system. The virtualization application based environment is created based on an application to which the file pertains. The file is further caused to exhibit a second set of behaviors by processing the file within a container based environment of the computer system. Differences, if any, between the first set of behaviors and the second set of behaviors. Finally, the file is classified as malicious when the differences are greater than a predefined or configurable threshold.
展开▼