首页>
外国专利>
Secure behavior analysis over trusted execution environment
Secure behavior analysis over trusted execution environment
展开▼
机译:在受信任的执行环境上进行安全的行为分析
展开▼
页面导航
摘要
著录项
相似文献
摘要
Systems and methods for recognizing and reacting to malicious or performance-degrading behaviors in a mobile device include observing mobile device behaviors in an observer module within a privileged-normal portion of a secure operating environment to identify a suspicious mobile device behavior. The observer module may generate a concise behavior vector based on the observations, and provide the vector to an analyzer module in an unprivileged-secure portion of the secure operating environment. The vector may be analyzed in the unprivileged-secure portion to determine whether the mobile device behavior is benign, suspicious, malicious, or performance-degrading. If the behavior is found to be suspicious, operations of the observer module may be adjusted, such as to perform deeper observations. If the behavior is found to be malicious or performance-degrading behavior the user and/or a client module may be alerted in a secure, tamper-proof manner.
展开▼