首页>
外国专利>
Detecting a malicious application executing in an emulator based on a check made by the malicious application after making an API call
Detecting a malicious application executing in an emulator based on a check made by the malicious application after making an API call
展开▼
机译:进行API调用后,根据恶意应用程序进行的检查来检测在模拟器中执行的恶意应用程序
展开▼
页面导航
摘要
著录项
相似文献
摘要
Detecting a malicious application executing in an emulator based on a check made by the malicious application after making an API call. In one embodiment, a method may include executing an application in an emulator that emulates a real-world computing environment. The method may also include detecting, in the application, an API call configured to accept a parameter and return a variable return value to a return address in the application. The method may further include detecting, at the return address, a check to be performed on the variable return value returned by the API call. The method may also include, in response to the detecting of the check, determining that the application is malicious. The method may further include performing a security action on the malicious application to prevent the malicious application from executing in the real-world computing environment.
展开▼