CPC H04L 63/1425 (2013.01) [G06F 9/45504 (2013.01); G06F 21/566 (2013.01); G06N 20/00 (2019.01); H04L 63/0209 (2013.01); H04L 63/1441 (2013.01)] | 20 Claims |
8. A device, comprising:
a memory; and
one or more processors are to:
detect one or more states of execution of suspicious data,
the one or more states of execution indicating that at least a portion of the suspicious data is unpacked in a location of the memory of the device, and
at least another portion of the suspicious data remains packed; and
extract, from the location in the memory, the portion of the suspicious data that is unpacked based on a priority level.
|