Patent · US Active

In-memory scanning for fileless malware on a host device

US12079339B2 · kind B2 · utility

0Cited by

0References

20Claims

0Family size

Assignee

VMware LLC · US

Inventors

Kedar Bhalchandra CHAUDHARI · Pune, IN
Pranav Gokhale · Chicago, US
Mandar Barve · Pune, IN

Key dates

Filing date	May 12, 2022
Grant date	Sep 3, 2024
Priority date	—
Expiry date	Feb 28, 2043

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/53
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The disclosure herein describes the processing of malware scan requests from VCIs by an anti-malware scanner (AMS) on a host device. A malware scan request is received by the AMS from a VCI, the malware scan request including script data of a script from a memory buffer of the VCI. The AMS scans the script data of the malware scan request, outside of the VCI, and determines that the script includes malware. The AMS notifies the VCI that the script includes malware, whereby the VCI is configured to prevent execution of the script or take other mitigating action. The AMS provides scanning for fileless malware to VCIs on a host device without consuming or otherwise affecting resources of the VCIs.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.