Title of invention: Providing a network-accessible malware analysis
Abstract: In certain embodiments, a computer-implemented method comprises receiving, via a computer network and from a first computer system, a first malware analysis request. The first malware analysis request comprises a file to be analyzed for malware by a malware analysis system. The method includes initiating a malware analysis by the malware analysis system of the first file for malware. The method includes communicating to the first computer system a response for the first file determined by the malware analysis system to the first computer system. The response comprises an indication of whether the first file comprises malware.
Publication number: US9003532(B2) Publication date: 2015.04.07
Application number: US201113233804 Filing date: 2011.09.15
Applicant: Raytheon Company Inventors: McDougal Monty D.;Ford Bradley T.;Sterns William E.
Classification: H04L29/06;G06F21/56 Main classification: H04L29/06
Agency: Schwegman Lundberg & Woessner, P.A. Agent: Schwegman Lundberg & Woessner, P.A.
Main claim: 1. A computer-implemented method, comprising: providing, at a malware analysis system, a web services interface implemented by a malware analysis module running as a web service, the web services interface being arranged to enable a user at a first computer system to access the malware analysis system through a web services module and to request malware analysis of a file by the malware analysis system; determining a file type of the first file including analyzing portions of file content of the first file and analyzing characters in a header file associated with the first file to determine the type of file even if a file extension of the first file has been falsified; comparing the determined file type of the first file to a plurality of file types in a first policy file to determine whether the first file is to be analyzed by the malware analysis system; receiving, from a first computer system via the web services interface, a first malware analysis request, the first malware analysis request comprising a first file to be analyzed for malware by the malware analysis system, a type of malware analysis to be performed on the first file, and an indication of the manner in which the first file was added to the first computer system; initiating a malware analysis, by the malware analysis module running as a web service on the malware analysis system, of the first file for malware, the malware analysis including the type specified in the analysis request and the malware analysis based on the manner in which the first file was added to the first computer system; and communicating, to the first computer system via the web services interface implemented by the malware analysis module running as a web service on the malware analysis system, a response for the first file determined by the malware analysis system, the response comprising an indication of whether the first file comprises malware.
Address: Waltham MA US