An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.
申请公布号
WO2012145066(A1)
申请公布日期
2012.10.26
申请号
WO2012US26402
申请日期
2012.02.23
申请人
FIREEYE, INC.;AZIZ, ASHAR;UYENO, HENRY;MANNI, JAY;SUKHERA, AMIN;STANIFORD, STUART
发明人
AZIZ, ASHAR;UYENO, HENRY;MANNI, JAY;SUKHERA, AMIN;STANIFORD, STUART