The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka PDF).

Date of Patent:
Jul. 29, 2014

Filed:
Jan. 23, 2009

Applicants:

Osman Abdoul Ismael, Palo Alto, CA (US);

Samuel Yie, Fremont, CA (US);

Jayaraman Manni, San Jose, CA (US);

Muhammad Amin, Fremont, CA (US);

Bahman Mahbod, Saratoga, CA (US);

Inventors:

Osman Abdoul Ismael, Palo Alto, CA (US);

Samuel Yie, Fremont, CA (US);

Jayaraman Manni, San Jose, CA (US);

Muhammad Amin, Fremont, CA (US);

Bahman Mahbod, Saratoga, CA (US);

Assignee:

FireEye, Inc., Milpitas, CA (US);

Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
H04L 29/06 (2006.01); G06F 21/56 (2013.01);
U.S. Cl.
CPC ...
H04L 63/145 (2013.01); G06F 21/566 (2013.01); H04L 63/1408 (2013.01); H04L 2463/144 (2013.01); H04L 63/1416 (2013.01);
Abstract

Malicious network content is identified based on the behavior of one or more virtual environment components which process network content in a virtual environment. Network content can be monitored and analyzed using a set of heuristics. The heuristics identify suspicious network content communicated over a network. The suspicious network content can further be analyzed in a virtual environment that includes one or more virtual environment components. Each virtual environment component is configured to mimic live environment components, for example a browser application component or an operating system component. The suspicious network content is replayed in the virtual environment using one or more of the virtual environment components. The virtual environment component behavior is analyzed in view of an expected behavior to identify malicious network content. The malicious network content is then identified and processed.
