| 摘要 |
A method includes detecting a potentially malicious action of a potentially unsafe application on a host computer system; sending an application characteristic of the potentially unsafe application to a server system; and receiving a response from the server system indicating whether the potentially unsafe application is a safe application, an unsafe application or an unknown application. If the potentially unsafe application in an unknown application, the potentially unsafe application is executed in a sandbox on the server system.
|
