System and method of detecting delivery of malware based on indicators of compromise from different sources

Abstract

According to one embodiment, a computerized method comprises receiving a set of indicators of compromise (IOCs) associated with a known malware of a first message type from a first source and receiving one or more IOCs (IOC(s)) from a second source that is different from the first source. Thereafter, a determination is made as to whether the received IOC(s) from the second source correspond to the set of IOCs received from the first source. If so, information associated with at least the set of IOCs is used to locate a malware of the first message type that is undetected at the second source.