首页>
外国专利>
DISTRIBUTED TRAFFIC PATTERN ANALYSIS AND ENTROPY PREDICTION FOR DETECTING MALWARE IN A NETWORK ENVIRONMENT
DISTRIBUTED TRAFFIC PATTERN ANALYSIS AND ENTROPY PREDICTION FOR DETECTING MALWARE IN A NETWORK ENVIRONMENT
展开▼
机译:网络环境中恶意软件的分布式流量模式分析和熵预测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Technologies are provided in embodiments to detect malware. The embodiments are configured to receive an entropy rate of a potentially affected system. The embodiments are further configured to compare the entropy rate to an average entropy rate, and to determine a probability that the potentially affected system is infected with malware. The probability is based, at least in part, on a result of the comparison. More specific embodiments can include the received entropy rate being generated, at a least in part, by a genetic program. Additional embodiments can include a configuration to provide the potentially affected system with a specified time-span associated with the genetic program. The specified time-span indicates an amount of time to observe context information on the potentially affected system. In at least some embodiments, the result of the comparison includes an indicator of whether the entropy rate correlates to an infected system or a healthy system.
展开▼