Systems and methods for replicating computing system environments
First Claim
1. A computer-implemented method for replicating computing system environments, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying each application installed on a plurality of computing systems and creating a profile for each computing system that identifies each application installed on the computing system;
creating, within a virtual machine image, virtual containers comprising each application installed on the plurality of computing systems;
determining that a potentially malicious file is directed to a target computing system within the plurality of computing systems;
utilizing a profile for the target computing system to identify each application installed on the target computing system;
in response to determining that the file is directed to the target computing system, replicating a configuration of the target computing system within the virtual machine image by activating each virtual container comprising an application identified by the profile for the target computing system;
after configuring the virtual machine image to replicate the configuration of the target computing system, determining how the file would affect the target computing system by sending the file to the virtual machine image and analyzing how the file impacts the virtual machine image.
2 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for replicating computing system environments may include (1) identifying each application installed on a plurality of computing systems, (2) creating, within a virtual machine image, virtual containers that store each application installed on the plurality of computing systems, (3) determining that a potentially malicious file is directed to a target computing system within the plurality of computing systems, (4) identifying each application installed on the target computing system, (5) in response to determining that the file is directed to the target computing system, replicating a configuration of the target computing system within the virtual machine image by, for each application installed on the target computing system, activating a virtual container that stores the application, and (6) determining how the file would affect the target computing system by sending the file to the virtual machine image and analyzing how the file impacts the virtual machine image.
179 Citations
20 Claims
-
1. A computer-implemented method for replicating computing system environments, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
identifying each application installed on a plurality of computing systems and creating a profile for each computing system that identifies each application installed on the computing system; creating, within a virtual machine image, virtual containers comprising each application installed on the plurality of computing systems; determining that a potentially malicious file is directed to a target computing system within the plurality of computing systems; utilizing a profile for the target computing system to identify each application installed on the target computing system; in response to determining that the file is directed to the target computing system, replicating a configuration of the target computing system within the virtual machine image by activating each virtual container comprising an application identified by the profile for the target computing system; after configuring the virtual machine image to replicate the configuration of the target computing system, determining how the file would affect the target computing system by sending the file to the virtual machine image and analyzing how the file impacts the virtual machine image. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for replicating execution environments, the system comprising:
-
an identification software module, stored in memory, that identifies each application installed on a plurality of computing systems and creates a profile for each computing system that identifies each application installed on the computing system; a creation software module, stored in memory, that creates, within a virtual machine image, virtual containers comprising each application installed on the plurality of computing systems; a determination software module, stored in memory, that determines that a potentially malicious file is directed to a target computing system within the plurality of computing systems; an application software module, stored in memory, that utilizes a profile for the target computing system to identify each application installed on the target computing system; a replication software module, stored in memory, that in response to determining that the file is directed to the target computing system, replicates a configuration of the target computing system within the virtual machine image by activating each virtual container comprising an application identified by the profile for the target computing system; an analysis software module, stored in memory, that after configuring the virtual machine image to replicate the configuration of the target computing system, determines how the file would affect the target computing system by sending the file to the virtual machine image and analyzing how the file impacts the virtual machine image; at least one processor configured to execute the identification software module, the creation software module, the determination software module, the application software module, the replication software module, and the analysis software module. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
identify each application installed on a plurality of computing systems and create a profile for each computing system that identifies each application installed on the computing system; create, within a virtual machine image, virtual containers comprising each application installed on the plurality of computing systems; determine that a potentially malicious file is directed to a target computing system within the plurality of computing systems; utilize a profile for the target computing system to identify each application installed on the target computing system; in response to determining that the file is directed to the target computing system, replicate a configuration of the target computing system within the virtual machine image by activating each virtual container comprising an application identified by the profile for the target computing system; after configuring the virtual machine image to replicate the configuration of the target computing system, determine how the file would affect the target computing system by sending the file to the virtual machine image and analyzing how the file impacts the virtual machine image. - View Dependent Claims (18, 19, 20)
-
Specification