Application behavior based malware detection
Number of patents in Portfolio can not be more than 2000
United States of America Patent
Stats
-
Aug 17, 2010
Grant Date -
N/A
app pub date -
Oct 11, 2005
filing date -
Oct 11, 2005
priority date (Note) -
In Force
status (Latency Note)
Importance
Abstract
An executable file is loaded into a virtual machine arranged to emulate the instructions of said executable file. The virtual machine keeps track of application programming interfaces (APIs) used by the executable file during emulation. The executable file is scanned to determine names of (APIs) used. Behavior flags are set if certain conditions occur within the executable file. The APIs determined during emulation and during scanning are compared with a set of known behaviors. A match of the APIs and the known behaviors indicates a high risk of malware. A determination of malware being present is based upon any matches and any behavior flags that are set.
First Claim
Family
International Classification(s)
Cited Art Landscape
Patent Citation Ranking
Advertisement
Advertisement
Advertisement
Recipient Email Address
Recipient Email Address
Comment
Recipient Email Address
Add to Portfolio(s)
To add this patent to one, or more, of your portfolios, simply click the add button.
This Patent is in these Portfolios:
Add to additional portfolios:
Last Refreshed On:
Changes done successfully