| 发明名称 |
AUTOMATIC INITIATION OF EXECUTION ANALYSIS |
| 摘要 |
Approaches for transferring control to a bit set. Execution of a bit set upon a host operating system is monitored. A determination is made that the execution of the bit set exhibits a suspicious characteristic. In response, the execution of the bit set on the host operating system is ceased. Then, the bit set is copied into an isolated environment and control to the bit set is transferred within the isolated environment. Thereafter, execution analysis upon the bit set is initiated in the isolated environment. The isolated environment may, but need not, reside on a different physical device than upon which executes the host operating system. |
| 申请公布号 |
US2016232380(A1) |
申请公布日期 |
2016.08.11 |
| 申请号 |
US201615133077 |
申请日期 |
2016.04.19 |
| 申请人 |
Bromium, Inc. |
发明人 |
Pratt Ian;Kashyap Rahul C.;Banga Gaurav |
| 分类号 |
G06F21/71;H04L29/06 |
主分类号 |
G06F21/71 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. One or more non-transitory machine-readable storage mediums storing one or more sequences of instructions for initiating execution analysis upon a bit set, which when executed by one or more processors, causes:
monitoring execution of the bit set in a host operating system execution environment; and upon determining that the execution of the bit set exhibits a suspicious characteristic, then (a) ceasing the execution of the bit set in the host operating system execution environment, (b) copying the bit set into an isolated environment and transferring control to the bit set within the isolated environment, and (c) initiating execution analysis upon the bit set in the isolated environment. |
| 地址 |
Cupertino CA US |
