Palo Alto Networks, Inc.
CONTEXT PROFILING FOR MALWARE DETECTION
Last updated:
Abstract:
Analysis of samples for maliciousness is disclosed. A sample is executed and one or more network activities associated with executing the sample are recorded. The recorded network activities are compared to a malware profile. The malware profile comprises a set of network activities taken by a known malicious application during execution of the known malicious application. A verdict of "malicious" is assigned to the sample based at least in part on a determination that the recorded network activities match the malware profile.
Status:
Application
Type:
Utility
Filling date:
11 Feb 2022
Issue date:
1 Sep 2022