| 发明名称 |
SYSTEM AND METHOD FOR THE TRACING AND DETECTION OF MALWARE |
| 摘要 |
Particular embodiments described herein provide for an electronic device that can be configured to determine that a program related to a process begins to run, trace events related to the program when it is determined that the program should be monitored, and determine a number of events to be traced before the trace is concluded. The number of events to be traced can be related to the type of program. In addition, the number of events that are traced can be related to the activity of the program. A number of child events to be traced can be determined if the program has a child program. The traced child events can be combined with the events traced and the results can be analyzed to determining if the process includes malware. |
| 申请公布号 |
US2015379268(A1) |
申请公布日期 |
2015.12.31 |
| 申请号 |
US201414318262 |
申请日期 |
2014.06.27 |
| 申请人 |
Singh Prabhat;Wu Zhixiong |
发明人 |
Singh Prabhat;Wu Zhixiong |
| 分类号 |
G06F21/56;G06F21/55 |
主分类号 |
G06F21/56 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. At least one computer-readable medium comprising one or more instructions that when executed by a processor, cause the processor to:
determine that a program related to a process begins to run; trace events related to the program when it is determined that the program should be monitored; determine a number of events to be traced before the trace is concluded; and analyze the results of the traced events to determining if the process includes malware. |
| 地址 |
New Thippasandra IN |
