Patent · US Active

Just in time memory analysis for malware detection

US11151252B2 · kind B2 · utility

7Cited by

32References

21Claims

0Family size

Assignee

SONICWALL INC. · US

Inventors

Soumyadipta Das · Kanchinakote, IN
Alex Dubrovsky · Santa Clara, US
Igor Korsunsky · Sunnyvale, US

Key dates

Filing date	Oct 13, 2017
Grant date	Oct 19, 2021
Priority date	—
Expiry date	Feb 26, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2125
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.