| 摘要 |
A method/system/computer program for obtaining the network origin of a downloaded entity of interest (e.g. a threat or malicious software). The method includes recording the network locations of at least some files downloaded to a processing system and recording the physical locations of the at least some files stored in one or more storage devices of the processing system. Then, identifying an entity of interest in the processing system and searching the recorded network locations and the recorded physical locations for the network location and the physical location of the entity of interest. Then, if the network location and the physical location of the entity of interest is identified, transmitting the network location and the physical location of the entity of interest to a remote processing system.
|
