Migration of sandbox processes for malware prevention
US10043010B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 30, 2016 |
| Grant date | Aug 7, 2018 |
| Priority date | — |
| Expiry date | Dec 30, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Techniques of protecting computers from malware involve migrating processes running applications from a first sandbox to a second sandbox. Along these lines, when a computer being protected from malware receives application code over a network, the computer generates a set of processes that runs the application code on a first machine acting as a sandbox. After the set of processes produce a first output on the first machine, the computer migrates the set of processes to a second machine acting as another sandbox. After the set of processes produces a second output on the second machine, the computer grants or denies access to the application code based the second output. Because migration can occur over the entire lifecycle of an application and migration is difficult to detect, migrating processes running malware makes it more difficult for the malware to evade detection.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.