| 摘要 |
FIELD: physics, computer engineering.SUBSTANCE: invention relates to computer engineering. A method of protecting a non-emulated computer system from malware which is attempting to prevent detection or analysis when executed in an emulated computer system includes the following steps: determining whether to identify an executable file as legitimate; and if not, executing the executable file in a non-emulated computer system while simultaneously indicating to the executable file that it is being executed in an emulated computer system.EFFECT: improved security of the computer system by "simulating" properties which indicate that a program is running in a virtual environment.19 cl, 6 dwg |
