System and method for malware analysis using thread-level event monitoring
US10671726B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 22, 2014 |
| Grant date | Jun 2, 2020 |
| Priority date | — |
| Expiry date | Sep 22, 2034 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F21/552
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
According to one embodiment, a computerized method comprises processing one or more objects by a first thread of execution that are part of a multi-thread process, monitoring events that occur during the processing of the one or more objects by the first thread, and storing information associated with the monitored events within an event log. The stored information comprises at least an identifier of the first thread to maintain an association between the monitored events and the first thread. Subsequently, the stored information within the event log is accessed for rendering a graphical display of the monitored events detected during processing of the one or more objects by the first thread on a display screen.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.