System, apparatus and method for automatically verifying exploits within suspect objects and highlighting the display information associated with the verified exploits
US9306974B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 11, 2015 |
| Grant date | Apr 5, 2016 |
| Priority date | — |
| Expiry date | Feb 11, 2035 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/145
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A threat detection system is integrated with intrusion protection system (IPS) logic, virtual execution logic and reporting logic is shown. The IPS logic is configured to identify a first plurality of objects as suspicious objects and outputting information associated with the suspicious objects. The virtual execution logic is configured to receive the suspicious objects and verify whether any of the suspicious objects is an exploit. The virtual execution logic includes at least one virtual machine configured to virtually process content within the suspicious objects and monitor for anomalous behaviors during the virtual processing that are indicative of exploits. The reporting logic is configured to issue a report including the information associated with the suspicious objects from the IPS logic and results of the virtual processing of the content within the suspicious objects.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.