System and method for proactive computer virus protection
US7376970B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 20, 2004 |
| Grant date | May 20, 2008 |
| Priority date | — |
| Expiry date | Aug 19, 2026 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/566
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system, method, and computer readable medium for the proactive detection of malware in operating systems that receive application programming interface (API) calls is provided. A virtual operating environment for simulating the execution of programs and determining if the programs are malware is created. The virtual operating environment confines potential malware so that the systems of the host operating environment will not be adversely effected. During simulation, a behavior signature is generated based on the API calls issued by potential malware. The behavior signature is suitable for analysis to determine whether the simulated executable is malware.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.