Patent · US Active

Efficient program deobfuscation through system API instrumentation

US10956570B2 · kind B2 · utility

0Cited by

6References

20Claims

0Family size

Assignee

Palo Alto Networks, Inc. · US

Inventor

Robert Jung · Albuquerque, US

Key dates

Filing date	Dec 23, 2019
Grant date	Mar 23, 2021
Priority date	—
Expiry date	Dec 23, 2039

Classification

Technology area (CPC G)Physics
CPC primaryG06F2212/1052
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Techniques for efficient program deobfuscation through system application program interface (API) instrumentation are disclosed. In some embodiments, a system/process/computer program product for efficient program deobfuscation through system API instrumentation includes monitoring changes in memory after a system call event during execution of a malware sample in a computing environment; and generating a signature based on an analysis of the monitored changes in memory after the system call event during execution of the malware sample in the computing environment.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.