Network security analysis and malware detection using multiple types of malware information

摘要

A static information pipeline is configured to generate formatted static data recording information about malware generated during static analyses of malware. A dynamic information pipeline is configured to generate formatted dynamic data recording information about malware generated during dynamic analyses of malware performed within a network to be protected by the system. A datastore is configured to receive and store the formatted static data; receive and store the formatted dynamic data; generate indices that link stored formatted static data and stored formatted dynamic data that share similar properties; and respond to queries using the indices.