首页>
外国专利>
Distinguishing legitimate modifications from malicious modifications during executable computer file modification analysis
Distinguishing legitimate modifications from malicious modifications during executable computer file modification analysis
展开▼
机译:在可执行计算机文件修改分析过程中,将合法修改与恶意修改区分开来
展开▼
页面导航
摘要
著录项
相似文献
摘要
Prior to a modification of an executable computer file (101), a modification analysis manager (111) stores (1101) content concerning a specified number of specified sized blocks (115) of a specified section of the executable file (101). After the modification of the executable file (101), the modification analysis manager (111) compares (1103), for each block (115), the content at the location of the block (115) after the modification of the executable file (101) with the content of the block (115) prior to the modification. The modification analysis manager (101) determines (1105) the status of the modification, responsive to a result of the comparison.
展开▼