Patent · US Active

Selective system call monitoring

US9690606B1 · kind B1 · utility

Cited by: 165
References: 204
Claims: 37
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 25, 2015
Grant date: Jun 27, 2017
Priority date
Expiry date: Apr 23, 2035

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/034
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

According to one embodiment of the invention, a computerized method is described for improved efficiency in malware detection. The method comprises detecting a system call initiated by a virtual machine and determining a class assigned to the detected system call. In response to determining that the system call is associated with a first class of system calls, the method provides information associated with the system call to virtualized device hardware. In contrast, in response to determining that the system call is associated with a second class of system calls, which is different from the first class of system calls, the virtual machine resumes virtual processing of an object without providing information to the virtualized device hardware.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.