首页>
外国专利>
MALWARE DETECTION BY A SANDBOX SERVICE BY UTILIZING CONTEXTUAL INFORMATION
MALWARE DETECTION BY A SANDBOX SERVICE BY UTILIZING CONTEXTUAL INFORMATION
展开▼
机译:利用上下文信息,通过沙箱服务检测恶意软件检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Systems and methods for improving malware detection by a sandbox service by utilizing Endpoint Detection and Response (EDR) origin contextual information are provided. According to an embodiment, a sandbox service associated with a network security platform protecting an enterprise network receives a file associated with sandbox-evading malware, to be classified by the sandbox service, and contextual information related to the file. The file is received from an endpoint security solution of the network security platform running on an endpoint device of the enterprise network. The sandbox service classifies the file as being malware by detonating the sandbox-evading malware as a result of performing sandboxing on the file including emulating an environment of the endpoint device based on the contextual information.
展开▼