A malware detection system based on correlation analysis using live response techniques
Abstract
PURPOSE: A malware detection system based on correlation analysis using live response techniques is provided to rapidly and accurately detect malware related to an advanced persistent threat (APT). CONSTITUTION: A malware detection system based on correlation analysis using live response techniques comprises a domain collector (31), a session information collector (32), a process collector (33), an execution file collector (34), and an analysis and display unit (35). The domain collector collects domain information from system information. The session information collector collects session information from the system information and searches the route of a process having a process ID. The process collector collects process information. The execution file collector collects execution file information. The analysis and display unit analyzes and displays the domain information, the session information, the process information, and execution file information. [Reference numerals] (31) Domain collector; (32) Session information collector; (33) Process collector; (34) Execution file collector; (35) Analysis and display unit; (36) Storage unit