Dynamic sandbox scarecrow for malware management

Bibliographic Details
Main Authors: Loman, Erik Jan; Ackerman, Karl; Reed, Simon Neil; Thomas, Andrew J; Ray, Kenneth D; McKerchar, Ross
Format: Patent
Language: English
Published: 26.12.2023
Summary: Malware uses various techniques to detect a sandbox environment so that malicious code can avoid execution in closely monitored contexts that might otherwise trigger detection and remediation. A security system is dynamically updated to exploit these anti-sandbox techniques, e.g., by causing endpoints to mimic sandbox environments in a manner that discourages malware execution on the endpoint, and by updating sandboxes to alter or hide sandbox detection triggers.
Bibliography: Application Number: US202017066767