Title of invention |
Systems and methods for malware attack prevention |
Abstract |
Systems and methods for malware attack prevention are provided. Network data is copied from a communication network. It is then determined if a possible malware attack is within the copied network data. The network data is intercepted based on the determination. The network data is then analyzed to identify a malware attack. |
Publication number |
US8898788(B1) |
Publication date |
2014.11.25 |
Application number |
US200711717474 |
Filing date |
2007.03.12 |
Applicant |
FireEye, Inc. |
Inventors |
Aziz Ashar;Lai Wei-Lung;Manni Jayaraman |
Classification |
G06F11/30;H04L29/06;G06F21/00 |
Main classification |
G06F11/30 |
Agency |
Blakely, Sokoloff, Taylor & Zafman LLP |
Agent |
Blakely, Sokoloff, Taylor & Zafman LLP |
Principal claim |
1. A malware attack prevention method comprising:
copying a first network data from a communication network;
configuring a replayer to dynamically modify one or more session variables and simulate behavior of a device responsible for transmission of the first network data on the communication network, the replayer to transmit modified first network data including at least a portion of the copied first network data and the one or more session variables to a virtual machine;
before determining whether the at least the portion of the copied first network data is indicative of a malware attack, transmitting the modified first network data to the virtual machine, the virtual machine being configured to receive the modified first network data and provide a response thereto;
analyzing the response by the virtual machine to the modified first network data to determine whether at least the portion of the copied first network data is indicative of a malware attack; and
intercepting a second network data based on determining that at least the portion of the copied first network data is indicative of a malware attack. |
Address |
Milpitas CA US |