首页>
外国专利>
ZERO DAY THREAT DETECTION USING HOST APPLICATION/PROGRAM TO USER AGENT MAPPING
ZERO DAY THREAT DETECTION USING HOST APPLICATION/PROGRAM TO USER AGENT MAPPING
展开▼
机译:使用主机应用程序/程序对用户代理映射进行零日威胁检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
A technique allows associating host applications and user agents in network traffic and detecting possible malware without relying on signatures of the user agents. A database of host applications and user agents is maintained, allowing automatic update of the database when a new application or new application to user agent mapping is discovered. Partial matches may be made when a change is made to the application, allowing learning the new mapping automatically. If an application is associated with more than a threshold number of user agents, an indication may be generated that the application is suspicious and possibly malware.
展开▼