首页>
外国专利>
Remote malware scanning capable of static and dynamic file analysis
Remote malware scanning capable of static and dynamic file analysis
展开▼
机译:能够进行静态和动态文件分析的远程恶意软件扫描
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method of remote malware scanning comprises comparing at a first node (e.g. a host) file items of an electronic file (e.g. an Android app) to be scanned for malware with the file items of previously scanned electronic files that include a predetermined number of same file items than the app to be scanned, and generating a recipe that includes information for identifying the previously scanned app and one or more file items included in the app to be scanned, and the result of the comparison. The recipe is used at the server to reconstruct the app and execute a dynamic malware analysis on a runtime behaviour of the reconstructed app. The server may then send the result of the analysis to the host. A malware property query may be performed for the app and its file items before the aforementioned method, and the method may be initiated if the query yields an inconclusive result. Upon receiving the recipe, the server may request any missing files, i.e. files that are not readily available at the server or not sent along with the recipe, from the host.
展开▼