Microsoft Corporation
MALWARE DETECTION AND MITIGATION VIA A FORWARD PROXY SERVER
Abstract:
Methods, systems, apparatuses, and computer-readable storage mediums are described for performing malware detection and mitigation on behalf of a client device by a forward proxy server. For example, the client device is configured to route network traffic through the forward proxy server. The forward proxy server is configured to detect file transfer operations between the client device and a destination server. Responsive to detecting a file transfer operation, the forward proxy server obtains a copy of the file to be transferred and provides it to a malware identification service, which analyzes the file for malware. The malware identification service may execute on the forward proxy server or another server communicatively coupled thereto. Responsive to determining that the file has been compromised with malware, the forward proxy server performs one or more actions to mitigate the malware.
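The flow in the abstract (detect a file transfer, copy the file, ask a malware identification service, mitigate) can be sketched as follows; this is an added example, not code from the patent or from Microsoft. Assumptions: the `Message` model, the header heuristics, the SHA-256 blocklist standing in for the analysis service, the message body treated as the file itself, blocking as the mitigation, and failing closed when the service errors.

```python
import hashlib
from dataclasses import dataclass

# Constructed sample: harmless placeholder bytes standing in for a malicious file.
BAD_SAMPLE = b"constructed-placeholder-for-a-malicious-file"
BLOCKLIST = {hashlib.sha256(BAD_SAMPLE).hexdigest()}  # assumed verdict source
FILE_TYPES = ("application/octet-stream", "application/zip", "multipart/form-data")

@dataclass
class Message:
    """One proxied HTTP message (hypothetical model, not a real proxy API)."""
    direction: str            # "upload" (client to server) or "download"
    headers: dict
    body: bytes = b""
    method: str = "GET"

def is_file_transfer(msg):
    """Assumed heuristic for spotting a file transfer operation."""
    h = {k.lower(): v.lower() for k, v in msg.headers.items()}
    ctype = h.get("content-type", "")
    if msg.direction == "upload":
        return msg.method in ("PUT", "POST") and ctype.startswith(FILE_TYPES)
    return "attachment" in h.get("content-disposition", "") or ctype.startswith(FILE_TYPES)

def hash_scanner(file_copy):
    """Stand-in malware identification service: True means malicious."""
    return hashlib.sha256(file_copy).hexdigest() in BLOCKLIST

class ForwardProxy:
    def __init__(self, scanner=hash_scanner):
        self.scanner = scanner   # may run locally or on another server
        self.alerts = []         # record of mitigated transfers

    def handle(self, msg):
        """Return "forward" or "block" for one proxied message."""
        if not is_file_transfer(msg):
            return "forward"
        file_copy = bytes(msg.body)        # the proxy scans its own copy
        try:
            malicious = self.scanner(file_copy)
        except Exception:                  # service unreachable: fail closed
            malicious = True
        if malicious:
            digest = hashlib.sha256(file_copy).hexdigest()
            self.alerts.append((msg.direction, digest))
            return "block"                 # assumed mitigation: stop the transfer
        return "forward"
```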
Utility
12 Oct 2020
14 Apr 2022