首页>
外国专利>
Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine
Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine
展开▼
机译:用于检测在虚拟机中执行的P代码或部分编译的本机代码程序中不需要的代码的计算机免疫系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
An automated analysis system identifies the presence of malicious P-code or N-code programs in a manner that limits the possibility of the malicious code infecting a target computer. The target computer system initializes an analytical virtual P-code engine (AVPE). As initialized, the AVPE comprises software simulating the functionality of a P-code or intermediate language engine as well as machine language facilities simulating the P-code library routines that allow the execution of N-code programs. The AVPE executes a target program so that the target program does not interact with the target computer. The AVPE analyzes the behavior of the target program to identify occurrence of malicious code behavior and to indicate in a behavior pattern the occurrence of malicious code behavior. The AVPE is terminated at the end of the analysis process, thereby removing from the computer system the copy of the target program that was contained within the AVPE.
展开▼