Adaptive virtual machine snapshot update framework for malware behavioral analysis
US10552610B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 19, 2017 |
| Grant date | Feb 4, 2020 |
| Priority date | — |
| Expiry date | Jul 27, 2037 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method for updating a virtual machine disk snapshot for use in instantiating one or more virtual guest instances for malware detection is described. The method features (i) detecting a guest image update package that includes information for updating one or more software components included as part of the virtual machine disk snapshot, and (ii) determining whether the guest image update package is currently contained in a contiguous storage area that is part of the virtual machine disk snapshot. Responsive to determining that the guest image update package is more recent than content currently contained in the contiguous storage area, the guest image update package is inserted into the contiguous storage area that is part of the virtual machine disk snapshot to generate a revised virtual machine disk snapshot that includes the one or more updated software components.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.