Patent · US Active

Micro-virtual machine forensics and detection

US10607007B2 · kind B2 · utility

0Cited by

16References

18Claims

0Family size

Assignee

HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. · US

Inventors

Rahul Kashyap · Foster City, US
J. McEnroe Samuel Navaraj · Santa Clara, US
Baibhav Singh · Sunnyvale, US
Arun Passi · Sunnyvale, US
Rafal Wojtczuk · Warszawa, PL
Adrian Taylor · Cambridge, GB

Key dates

Filing date	Nov 21, 2016
Grant date	Mar 31, 2020
Priority date	—
Expiry date	Aug 6, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2133
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

An isolated environment is instantiated in response to receiving a request to execute a process. One or more events occurring within the isolated environment in which the process executes are identified. Whether the actual behavior of the process executing within the isolated environment deviates from an expected behavior of the execution of the process is determined. Only when it is determined that the process deviates from the expected behavior is behavior data, which describes the actual behavior of the process during execution, stored. A determination is then made as to whether the process is compromised by analyzing the behavior data that describes the actual behavior of the process.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.