Process evaluation for malware detection in virtual machines

A virtual machine and malicious technology, applied in program control design, computer security devices, instruments, etc., can solve problems such as computer users losing data and sensitive information, identity theft and productivity loss

Active Publication Date: 2016-03-09
BITDEFENDER IPR MANAGEMENT
View PDF3 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Malware in its many forms (such as computer viruses, worms and rootkits) poses a serious threat to millions of computer users, making computer users prone to loss of data and sensitive information, identity theft and loss of productivity, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Process evaluation for malware detection in virtual machines
  • Process evaluation for malware detection in virtual machines
  • Process evaluation for malware detection in virtual machines

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In the following description, it should be understood that all enumerated connections between structures may be direct operative connections or indirect operative connections through intervening structures. A component collection contains one or more components. Any listing of elements should be understood to mean at least one element. A plurality of elements includes at least two elements. The steps of any described method do not necessarily need to be performed in the particular order illustrated, unless otherwise required. A first element (eg, data) derived from a second element encompasses the first element being equal to the second element, as well as the first element and optionally other data resulting from processing the second element. Making a determination or decision based on parameters encompasses making a determination or decision based on parameters and optionally other data. Unless otherwise specified, an indicator of some quantity / data may be the qua...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Described systems and methods allow protecting a computer system from malware, such as viruses and rootkits. An anti-malware component executes within a virtual machine (VM) exposed by a hypervisor executing on the computer system. A memory introspection engine executes outside the virtual machine, at the processor privilege level of the hypervisor, and protects a process executing within the virtual machine by write-protecting a memory page of the respective process. By combining anti-malware components executing inside and outside the respective VM, some embodiments of the present invention may use the abundance of behavioral data that inside- VM components have access to, while protecting the integrity of such components from outside the respective VM.

Description

Background technique [0001] The present invention relates to systems and methods for protecting computer systems from malware, and more particularly to anti-malware systems using hardware virtualization techniques. [0002] Malware (Malicious software) (abbreviated as malware in English) affects a large number of computer systems worldwide. Malware in its many forms (eg, computer viruses, worms, and rootkits) poses a serious threat to millions of computer users, making computer users prone to loss of data and sensitive information, identity theft, and loss of productivity. [0003] Hardware virtualization techniques allow the creation of simulated computer environments, often referred to as virtual machines, which in many respects behave like a physical computer system. In typical applications such as server consolidation and Infrastructure as a Service (IAAS), several virtual machines can run simultaneously on the same physical machine, sharing hardware resources between the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566G06F21/53G06F2221/2141G06F2221/2149G06F9/45558G06F2009/45587
Inventor 山多尔·卢卡奇劳尔-瓦西里·托萨保罗-丹尼尔·博卡格奥尔基-弗洛兰·哈嘉玛山安德烈-弗拉德·鲁塔斯
Owner BITDEFENDER IPR MANAGEMENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap