Patent · US Active

Dynamically remote tuning of a malware content detection system

US11949698B1 · kind B1 · utility

Cited by: 1
References: 359
Claims: 24
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 31, 2022
Grant date: Apr 2, 2024
Priority date
Expiry date: Mar 31, 2042

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/20
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

According to one embodiment, a non-transitory storage medium is configured to store a plurality of engines, which operate to conduct an analysis of a received object to determine if the object is associated with a malicious attack. The plurality of engines includes a first engine and a second engine. The first engine is configured to conduct a first analysis of the received object for anomalous behaviors including anomalous actions or omissions during virtual processing of the object that indicate the received object is malicious. The second engine is configured to conduct a second analysis corresponding to a classification of the object as being associated with a malicious attack. The analysis schemes conducted by the first engine and the second engine may be altered via configuration files, which adjust (i) parameter value(s) or (ii) operation rule(s) to alter the analysis conducted by the first engine and/or second engine.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.