Invention Grant
US09432389B1 System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object
In force
- Patent Title: System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object
- Application No.: US14231260
- Application Date: 2014-03-31
- Publication No.: US09432389B1
- Publication Date: 2016-08-30
- Inventor: Yasir Khalid, Shivani Deshpande, Muhammad Amin
- Applicant: FireEye, Inc.
- Applicant Address: US CA Milpitas
- Assignee: FireEye, Inc.
- Current Assignee: FireEye, Inc.
- Current Assignee Address: US CA Milpitas
- Agency: Rutan & Tucker, LLP
- Main IPC: G06F21/00
- IPC: G06F21/00 ; H04L29/06

Abstract:
In an embodiment, a threat detection and prevention system comprises a network-traffic static analysis logic and a classification engine. The network-traffic static analysis logic is configured to conduct an analysis of a multi-flow object by analyzing characteristics of the multi-flow object and determining if the characteristics of the multi-flow object are associated with a malicious attack, such as being indicative of an exploit, for example. The classification engine is configured to receive results of the analysis of the multi-flow object and, based on the results of the analysis of the multi-flow object, determine whether the multi-flow object is associated with a malicious attack.