Patent · US Active

Detection efficacy of virtual machine-based analysis with application specific events

US9262635B2 · kind B2 · utility

Cited by: 228
References: 200
Claims: 27
Family size: 0

Assignee

Inventors

Key dates

Filing date: Feb 5, 2014
Grant date: Feb 16, 2016
Priority date
Expiry date: Feb 5, 2034

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/145
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A computerized system and method is described for classifying objects as malicious by processing the objects in a virtual environment and monitoring behaviors during processing by one or more monitors. The monitors may monitor and record selected sets of process operations and capture associated process parameters, which describe the context in which the process operations were performed. By recording the context of process operations, the system and method described herein improves the intelligence of classifications and consequently reduces the likelihood of incorrectly identifying objects as malware or vice versa.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.