System and method for analysis of a memory dump associated with a potentially malicious content suspect
Abstract
A network device for detecting malware is described. The network device features a memory storage device and a controller. The controller operates in cooperation with one or more virtual machines that are based on software modules stored within the memory storage device. The controller is configured to (i) monitor behaviors of at least a first virtual machine of the one or more virtual machines processing data received over a network, (ii) identify at least one anomalous behavior that includes either a communication anomaly or an execution anomaly, and (iii) detect, based on the identified at least one anomalous behavior, a presence of malware in the first virtual machine in response to identifying the at least one anomalous behavior.