首页>
外国专利>
Methods and systems for identifying malware through differences in cloud vs. client behavior
Methods and systems for identifying malware through differences in cloud vs. client behavior
展开▼
机译:通过云与客户端行为差异识别恶意软件的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
A computing device may be configured to work in conjunction with another component (e.g., a server) to better determine whether a software application is benign or non-benign. This may be accomplished via the server performing static and/or dynamic analysis operations, generating a behavior information structure that describes or characterizes the range of correct or expected behaviors of the software application, and sending the behavior information structure to a computing device. The computing device may compare the received behavior information structure to a locally generated behavior information structure to determining whether the observed behavior of the software application differs or deviates from the expected behavior of the software application or whether the observed behavior is within the range of expected behaviors. The computing device may increase its level of security/scrutiny when the behavior information structure does not match the local behavior information structure.
展开▼