Detection of malicious scripting language code in a network environment
US10140451B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 16, 2014 |
| Grant date | Nov 27, 2018 |
| Priority date | — |
| Expiry date | Jan 16, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/567
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method is provided in one example embodiment and includes initiating an execution of a compiled script, evaluating a function called in the compiled script, detecting an execution event based on at least a first criterion, and storing information associated with the execution event in an execution event queue. The method also includes verifying a correlation signature based on information associated with at least one execution event in the execution event queue. In specific embodiments, the method includes evaluating an assignment statement of a script during compilation of the script by a compiler, detecting a compilation event based on at least a second criterion, and storing information associated with the compilation event in a compilation event queue. In yet additional embodiments, the verification of the correlation signature is based in part on information associated with one or more compilation events in the compilation event queue.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.