Patent · US Active

Micro-virtual machine forensics and detection

US9501310B2 · kind B2 · utility

0Cited by

13References

26Claims

0Family size

Assignee

Bromium, Inc. · US

Inventors

Rahul Kashyap · Foster City, US
J. McEnroe Samuel Navaraj · Santa Clara, US
Baibhav Singh · Sunnyvale, US
Arun Passi · Sunnyvale, US
Rafal Wojtczuk · Warszawa, PL

Key dates

Filing date	Dec 28, 2015
Grant date	Nov 22, 2016
Priority date	—
Expiry date	Dec 28, 2035

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The execution of a process within a VM may be monitored, and when a trigger event occurs, additional monitoring is initiated, including storing behavior data describing the real-time events taking place inside the VM. This behavior data may then be compared to information about the expected behavior of that type of process in order to determine whether malware has compromised the VM.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.