公开(公告)号：US10318731B2

公开(公告)日：2019-06-11

申请号：US15369769

申请日：2016-12-05

Applicant: INSTITUTE FOR INFORMATION INDUSTRY

Inventor： Jian-Wei Liao ,  Chin-Wei Tien ,  Shun-Chieh Chang

IPC: G06F21/55 ,  H04L12/26 ,  G06F21/56

Abstract: A detection method comprising: (A) transmitting a to-be tested file to a first testing machine by the processing device; wherein the first testing machine uses for executing the to-be tested file; (B) monitoring that whether a component usage of the first testing machine is higher than a default threshold during a period of executing the to-be tested file by the processing device; and (C) when the component usage of the first testing machine is higher than the default threshold, the memory forensics module analyzes the memory space of the first testing machine to determine that whether the to-be tested file comprises a malware program and generate an analyzing result.