Field of the Invention
The invention described herein generally relates to a computer protection system, and in particular, a system for detecting and protecting against threats from malware vulnerabilities by simulating malicious actions, analyzing the results, and applying or suggesting remediation.
Description of the Related Art
Computing devices have increasingly become repositories for sensitive data of corporations and users. This has given rise to malicious users who try to gain access to these computing devices. Additionally, malicious users often attempt to install programs that track user interactions or utilize the computing resources of computing devices for malicious purposes. The Internet today is a breeding ground for criminal activity. Home users, small and medium businesses, international corporations and governmental bodies all suffer from constant attacks cause by malware such as viruses and Trojans. Malware, short for malicious software, is any hostile or intrusive software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of executable code, scripts, active content, and other software.
Malware can steal personal and corporate bank account information, steal credit card numbers, conduct distributed-denial-of-service (DDoS) attacks with the instigators then demanding money to stop the attacks—a cyber racket, create networks of Trojan proxy servers (these can be used to send spam, and for commercial gain), create zombie networks, which can be exploited in multiple ways, create programs which download and install adware to the victim machine, install Trojan dialers which will repeatedly call pay services, etc. Consequently, anti-malware software has been developed to block these malicious users from gaining access to computing devices. However, malicious users continually attempt to circumvent the protection that anti-malware software provides. Malware has gotten more sophisticated and there is thus a need for new and advanced system and methods for securing against vulnerabilities to breaches from malware.