Over the last decade, malicious software has become a pervasive problem for Internet users as many networked resources include vulnerabilities that are subject to attack. For instance, over the past few years, more and more vulnerabilities are being discovered in software that is loaded onto endpoint devices present on the network. These vulnerabilities may be exploited by allowing a third-party, e.g., through computer software, to gain access to one or more areas within the network not typically accessible. For example, a third-party may exploit a vulnerability to gain unauthorized access to email accounts and/or data files.
While some vulnerabilities continue to be addressed through software patches, prior to the release of such software patches, network devices will continue to be targeted for attack by exploits, namely malicious computer code that attempts to acquire sensitive information, adversely influence, or attack normal operations of the network device or the entire enterprise network by taking advantage of a vulnerability in computer software.
Currently, a datacenter may employ a plurality of virtual machines to simulate one or more endpoint devices in order to detect attacks by exploits and/or malware. However, the performance of advanced security measures on each virtual machine within the datacenter may lead to duplication of exploit detection efforts. This duplication of exploit detection efforts results in increased overhead of the plurality of virtual machines.
Currently, a virtual machine may perform a dynamic analysis of an object, e.g., one or more files included within received network traffic and/or files stored in a local or external storage device. In addition, each of a plurality of virtual machines may be configured with different software images thereby simulating various network device deployments. In some instances, a virtual machine may include a software configuration to simulate a specific network device within a particular enterprise network, e.g., configured with one or more specific applications to perform execution of particular objects.