SYSTEMS AND METHODS FOR MALWARE EVASION MANAGEMENT

Abstract

A method for emulating at least one resource in a host computer to a querying hosted code. The method comprises: monitoring a plurality of operating system (OS) queries received from a plurality of code executed on a monitored computing unit, the plurality of OS queries being designated to an OS of the monitored computing unit; detecting, among the plurality of OS queries, at least one query for receiving at least one characteristic of at least one resource of the monitored computing unit, the at least one query being received from querying code of the plurality of code; preparing a response of the OS to the at least one query, the response comprising a false indication of at least one false characteristic of the at least one resource; and sending the response to the querying code in response to the at least one query.

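Bibliographic details

  • Publication number: US2016259939A1
  • Patent type:
  • Publication date: 2016-09-08
  • Original format: PDF
  • Applicant/assignee: MINERVA LABS LTD.
  • Application number: US201514639191
  • Inventors: EREZ BREIMAN; OMRI MOYAL; EDUARD BOBRITSKY
  • Filing date: 2015-03-05
  • Classification: G06F21/56; G06F17/30
  • Country: US
  • Date added to database: 2022-08-21 14:33:29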
