摘要 |
A method includes detecting a portion of data on an electronic device, determining a first representation of the malware status of the data, quarantining the data for a period of time, estimating whether the data is associated with malware by comparing the first and second representation, and, based on the estimation, releasing the data from quarantine. The first representation indicates that the malware status of the data is not certain to be safe and the malware status of the data is not certain to be malicious. |