Method and system for detection of malware that connect to network destinations through cloud scanning and web reputation

摘要

A method for detecting malware includes the steps of identifying a one or more open network connections of an electronic device, associating one or more executable objects on the electronic device with the one or more open network connections of the electronic device, determining the address of a first network destination that is connected to the open network connections of the electronic device, receiving an evaluation of the first network destination, and identifying one or more of the executable objects as malware executable objects. The evaluation includes an indication that the first network destination is associated with malware. The malware executable objects includes the executable objects that are associated with the open network connections that are connected to the first network destination.

主权项

1. A method for detecting malware, comprising the steps of:
identifying one or more open network connections of an electronic device; associating one or more executable objects on the electronic device with the one or more open network connections of the electronic device; determining the address of a first network destination that is connected to the open network connections of the electronic device; receiving an evaluation of the first network destination, the evaluation comprising an indication that the first network destination is associated with malware; and identifying one or more of the executable objects as malware executable objects based on the evaluation of the first network destination, wherein the malware executable objects comprise the executable objects that are associated with the open network connections that are connected to the first network destination.