| 发明名称 | Dynamic malware analysis of a URL using a browser executed in an instrumented virtual machine environment | ||
| 摘要 | Various techniques for performing malware analysis of a URL (e.g., a URL sample) using a browser executed in an instrumented virtual machine environment are disclosed. In some embodiments, a system for performing dynamic malware analysis of a URL using a browser executed in an instrumented virtual machine environment includes the instrumented virtual machine environment executed on a processor that receives a URL sample for dynamic malware analysis using the browser executed in the instrumented virtual machine environment; and a dynamic time allocator executed on the processor that dynamically determines a period of time allocated for performing the dynamic malware analysis of the URL sample using the browser executed in the instrumented virtual machine environment, in which the URL sample is rendered using the browser executed in the instrumented virtual machine environment and monitored using the instrumented virtual machine environment for the period of time allocated for performing the dynamic malware analysis of the URL sample. | ||
| 申请公布号 | US9413774(B1) | 申请公布日期 | 2016.08.09 |
| 申请号 | US201414525027 | 申请日期 | 2014.10.27 |
| 申请人 | Palo Alto Networks, Inc. | 发明人 | Liu Jiangxia;Ouyang Xin;Qu Bo |
| 分类号 | H04L29/06;G06F9/455;G06F21/55;G06F21/56;G06F21/52;G06F21/50 | 主分类号 | H04L29/06 |
| 代理机构 | Van Pelt, Yi & James LLP | 代理人 | Van Pelt, Yi & James LLP |
| 主权项 | 1. A system for performing dynamic malware analysis of Uniform Resource Locator (URL) samples using a browser executed in an instrumented virtual machine environment, comprising: the instrumented virtual machine environment executed on a processor that receives a URL sample for dynamic malware analysis using the browser executed in the instrumented virtual machine environment; and a dynamic time allocator executed on the processor that dynamically determines a period of time allocated for performing the dynamic malware analysis of the URL sample using the browser executed in the instrumented virtual machine environment, wherein the URL sample is rendered using the browser executed in the instrumented virtual machine environment and monitored using the instrumented virtual machine environment for the period of time allocated for performing the dynamic malware analysis of the URL sample, wherein the determining of the period of time allocated for performing the dynamic malware analysis of the URL sample using the browser executed in the instrumented virtual machine environment comprises: reducing a time-out delay of the URL sample to be shorter;modifying a refresh delay of the URL sample to be shorter; andtriggering execution of content of the URL sample. | ||
| 地址 | Santa Clara CA US | ||