GB201610600D0 - Mitigation of anti-sandbox malware techniques - Google Patents

Mitigation of anti-sandbox malware techniques

Info

Publication number
GB201610600D0
Authority
GB
United Kingdom
Prior art keywords
mitigation
sandbox
malware techniques
techniques
sandbox malware
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GBGB1610600.7A
Other versions
GB2543602A (en)
GB2543602B (en)
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sophos Ltd
Original Assignee
Sophos Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US14/929,966 (US9942263B2)
Application filed by Sophos Ltd
Publication of GB201610600D0
Publication of GB2543602A
Application granted
Publication of GB2543602B
Legal status: Active
Anticipated expiration

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/56: Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562: Static detection
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/56: Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566: Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00: Arrangements for detecting or preventing errors in the information received
    • H04L1/12: Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/14: Arrangements for detecting or preventing errors in the information received by using return channel in which the signals are sent back to the transmitter to be checked; echo systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Bioethics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
GB1610600.7A 2015-10-20 2016-06-17 Mitigation of anti-sandbox malware techniques Active GB2543602B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201562243720P 2015-10-20 2015-10-20
US14/929,966 US9942263B2 (en) 2015-10-20 2015-11-02 Mitigation of anti-sandbox malware techniques

Publications (3)

Publication Number Publication Date
GB201610600D0 (en) 2016-08-03
GB2543602A (en) 2017-04-26
GB2543602B (en) 2020-01-08

Family

ID=56895304

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1610600.7A Active GB2543602B (en) 2015-10-20 2016-06-17 Mitigation of anti-sandbox malware techniques

Country Status (1)

Country Link
GB (1) GB2543602B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11379578B1 (en) * 2020-10-16 2022-07-05 Trend Micro Incorporated Detecting malware by pooled analysis of sample files in a sandbox

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9104870B1 (en) * 2012-09-28 2015-08-11 Palo Alto Networks, Inc. Detecting malware
US9165142B1 (en) * 2013-01-30 2015-10-20 Palo Alto Networks, Inc. Malware family identification using profile signatures
US9355246B1 (en) * 2013-12-05 2016-05-31 Trend Micro Inc. Tuning sandbox behavior based on static characteristics of malware

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110472415A (en) * 2018-12-13 2019-11-19 成都亚信网络安全产业技术研究院有限公司 A kind of determination method and device of rogue program
CN110472415B (en) * 2018-12-13 2021-08-10 成都亚信网络安全产业技术研究院有限公司 Malicious program determination method and device
CN114553539A (en) * 2022-02-22 2022-05-27 深信服科技股份有限公司 Method and device for defending malicious program and related equipment

Also Published As

Publication number Publication date
GB2543602A (en) 2017-04-26
GB2543602B (en) 2020-01-08

Similar Documents

Publication Publication Date Title
GB2558826B (en) Mitigation of anti-sandbox malware techniques
HK1254377A1 (en) Sas interference mitigation options
IL255364A0 (en) Malware warning
EP3161714A4 (en) Mitigation of malware
HUE042335T2 (en) Dihydropyrrolopyridine inhibitors of ror-gamma
SG11201706729SA (en) Derivatives of sobetirome
IL257026A (en) Solid state forms of eluxadoline
GB201406608D0 (en) Virus
GB201521059D0 (en) Inhibitors of metallo-beta-lactamases
GB2545008B (en) Behaviour based malware prevention
GB201513626D0 (en) Mitigating blockchain attack
EP3314509A4 (en) Mitigation of malware
GB2515853B (en) Latency mitigation
ZA201706282B (en) Solid forms of menaquinols
GB2576997B (en) Crosstalk mitigation
GB201419572D0 (en) Virus
GB2543602B (en) Mitigation of anti-sandbox malware techniques
GB2543813B (en) Improved malware detection
GB2532452B (en) Preventing browser-originating attacks
GB201420512D0 (en) Shield
GB2546602B (en) Brake-pull mitigation
TWM490246U (en) Protection structure of article-placing container
GB201400932D0 (en) Location of criticality
GB201522013D0 (en) Virus
EP3326049A4 (en) Mitigation of unintended effects of inputs