首页>
外国专利>
MALWARE DETECTION VIA NETWORK INFORMATION FLOW THEORIES
MALWARE DETECTION VIA NETWORK INFORMATION FLOW THEORIES
展开▼
机译:通过网络信息流理论检测恶意软件
展开▼
页面导航
摘要
著录项
相似文献
摘要
Access is obtained to a plurality of information flow theories for a plurality of malicious programs. The information flow theories include differences in information flows between the malicious programs, executing in a controlled environment, and information flows of known benign programs. Execution of a suspicious program is monitored by comparing runtime behavior of the suspicious program to the plurality of information flow theories. An alarm is output if the runtime behavior of the suspicious program matches at least one of the plurality of information flow theories.
展开▼