Invention Grant
- Patent Title: Method and apparatus for detecting malware in network traffic
- Patent Title (中): 用于检测网络流量中的恶意软件的方法和装置
-
Application No.: US12236419Application Date: 2008-09-23
-
Publication No.: US08370932B2Publication Date: 2013-02-05
- Inventor: Robert Edward Adams
- Applicant: Robert Edward Adams
- Applicant Address: US CO Broomfield
- Assignee: Webroot Inc.
- Current Assignee: Webroot Inc.
- Current Assignee Address: US CO Broomfield
- Agency: Sheridan Ross P.C.
- Main IPC: G06F7/04
- IPC: G06F7/04
Abstract:
A method and apparatus for detecting malware in network traffic is described. One embodiment executes, in an emulation environment, an executable file as it is being received serially over a network, execution beginning once a block of data including an entry point of the executable file has been received, execution halting whenever an instruction in the executable file references data not yet received and resuming once the data not yet received has been received, execution ceasing upon satisfaction of a termination condition; examining the emulation environment for indications that the executable file includes malware; and taking corrective action responsive to the results of examining the emulation environment for indications that the executable file includes malware.
Public/Granted literature
- US20100077476A1 METHOD AND APPARATUS FOR DETECTING MALWARE IN NETWORK TRAFFIC Public/Granted day:2010-03-25
Information query
