CN105393255B - Process evaluation for malware detection in virtual machines - Google Patents

Process evaluation for malware detection in virtual machines

Publication number
CN105393255B
Authority
CN
China
Prior art keywords
evaluated
virtual machine
score
executing
evaluator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201480038552.XA
Other languages
English (en)
Chinese (zh)
Other versions
CN105393255A (zh)
Inventor
山多尔·卢卡奇
劳尔-瓦西里·托萨
保罗-丹尼尔·博卡
格奥尔基-弗洛兰·哈嘉玛山
安德烈-弗拉德·鲁塔斯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bit Fan De Intellectual Property Management Co Ltd
Original Assignee
Bit Fan De Intellectual Property Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bit Fan De Intellectual Property Management Co Ltd
Publication of CN105393255A
Application granted
Publication of CN105393255B
Legal status: Active (current)
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45587 Isolation or security of virtual machine instances
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
CN201480038552.XA 2013-07-05 2014-07-02 Process evaluation for malware detection in virtual machines Active CN105393255B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/936,058 2013-07-05
US13/936,058 US9117080B2 (en) 2013-07-05 2013-07-05 Process evaluation for malware detection in virtual machines
PCT/RO2014/000019 WO2015152748A1 (en) 2013-07-05 2014-07-02 Process evaluation for malware detection in virtual machines

Publications (2)

Publication Number Publication Date
CN105393255A (zh) 2016-03-09
CN105393255B (zh) 2019-07-12

Family

ID=52133728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480038552.XA Active CN105393255B (zh) 2013-07-05 2014-07-02 Process evaluation for malware detection in virtual machines

Country Status (12)

Country Link
US (1) US9117080B2 (en)
EP (1) EP3017392B1 (en)
JP (1) JP6378758B2 (en)
KR (1) KR101946982B1 (en)
CN (1) CN105393255B (en)
AU (1) AU2014389572B2 (en)
CA (1) CA2915888C (en)
ES (1) ES2785350T3 (en)
IL (1) IL243123B (en)
RU (1) RU2634205C2 (en)
SG (1) SG11201510313SA (en)
WO (1) WO2015152748A1 (en)

Families Citing this family (95)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10187452B2 (en) 2012-08-23 2019-01-22 TidalScale, Inc. Hierarchical dynamic scheduling
US9521156B2 (en) * 2013-02-10 2016-12-13 Paypal, Inc. Method and product for providing a predictive security product and evaluating existing security products
US9824225B1 (en) * 2013-09-20 2017-11-21 EMC IP Holding Company LLC Protecting virtual machines processing sensitive information
WO2015065330A1 (en) * 2013-10-29 2015-05-07 Hewlett-Packard Development Company, L.P. Virtual machine introspection
US9692789B2 (en) 2013-12-13 2017-06-27 Oracle International Corporation Techniques for cloud security monitoring and threat intelligence
KR101801567B1 (ko) * 2013-12-19 2017-11-27 인텔 코포레이션 Policy-based trusted inspection of rights-managed content
US9292686B2 (en) * 2014-01-16 2016-03-22 Fireeye, Inc. Micro-virtualization architecture for threat-aware microvisor deployment in a node of a network environment
US20150229659A1 (en) * 2014-02-13 2015-08-13 Guardicore Ltd. Passive detection of malicious network-mapping software in computer networks
US9836318B2 (en) * 2014-02-21 2017-12-05 Infineon Technologies Ag Safety hypervisor function
US9241010B1 (en) * 2014-03-20 2016-01-19 Fireeye, Inc. System and method for network behavior detection
JP6370098B2 (ja) * 2014-05-16 2018-08-08 杉中 順子 Information processing device, information processing monitoring method, program, and recording medium
US10038703B2 (en) * 2014-07-18 2018-07-31 The Regents Of The University Of Michigan Rating network security posture and comparing network maliciousness
US11507663B2 (en) 2014-08-11 2022-11-22 Sentinel Labs Israel Ltd. Method of remediating operations performed by a program and system thereof
US9710648B2 (en) * 2014-08-11 2017-07-18 Sentinel Labs Israel Ltd. Method of malware detection and system thereof
US9552481B1 (en) * 2014-12-30 2017-01-24 Symantec Corporation Systems and methods for monitoring programs
US9189630B1 (en) * 2015-01-21 2015-11-17 AO Kaspersky Lab Systems and methods for active operating system kernel protection
US10944764B2 (en) * 2015-02-13 2021-03-09 Fisher-Rosemount Systems, Inc. Security event detection through virtual machine introspection
US10127064B2 (en) * 2015-02-24 2018-11-13 Red Hat Israel, Ltd. Read-only VM function chaining for secure hypervisor access
US10417031B2 (en) * 2015-03-31 2019-09-17 Fireeye, Inc. Selective virtualization for security threat detection
US10567395B2 (en) * 2015-05-10 2020-02-18 Check Point Advanced Threat Prevention Ltd Detection of potentially malicious web content by emulating user behavior and user environment
US9703956B1 (en) * 2015-06-08 2017-07-11 Symantec Corporation Systems and methods for categorizing virtual-machine-aware applications for further analysis
US10691476B2 (en) * 2015-06-27 2020-06-23 Mcafee, Llc Protection of sensitive data
US10642753B1 (en) * 2015-06-30 2020-05-05 Fireeye, Inc. System and method for protecting a software component running in virtual machine using a virtualization layer
US10726127B1 (en) 2015-06-30 2020-07-28 Fireeye, Inc. System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer
US10216927B1 (en) * 2015-06-30 2019-02-26 Fireeye, Inc. System and method for protecting memory pages associated with a process using a virtualization layer
US11113086B1 (en) 2015-06-30 2021-09-07 Fireeye, Inc. Virtual system and method for securing external network connectivity
US10395029B1 (en) 2015-06-30 2019-08-27 Fireeye, Inc. Virtual system and method with threat protection
RU2589862C1 (ru) * 2015-06-30 2016-07-10 Закрытое акционерное общество "Лаборатория Касперского" Method for detecting malicious code in random-access memory
RU2618947C2 (ru) * 2015-06-30 2017-05-11 Закрытое акционерное общество "Лаборатория Касперского" Method for preventing the operation of programs containing functionality undesirable to the user
US10033759B1 (en) 2015-09-28 2018-07-24 Fireeye, Inc. System and method of threat detection under hypervisor control
US11240334B2 (en) 2015-10-01 2022-02-01 TidalScale, Inc. Network attached memory using selective resource migration
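CN105389197B (zh) 2015-10-13 2019-02-26 北京百度网讯科技有限公司 Operation capture method and apparatus for a container-based virtualization system
JP6721329B2 (ja) * 2015-12-21 2020-07-15 三菱電機株式会社 Power semiconductor device and method for manufacturing the same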
US10089124B2 (en) 2015-12-31 2018-10-02 International Business Machines Corporation Security application for a guest operating system in a virtual computing environment
US9965313B2 (en) * 2016-01-05 2018-05-08 Bitdefender IPR Management Ltd. Systems and methods for auditing a virtual machine
JP6711000B2 (ja) * 2016-02-12 2020-06-17 日本電気株式会社 Information processing device, virus detection method, and program
US10536478B2 (en) * 2016-02-26 2020-01-14 Oracle International Corporation Techniques for discovering and managing security of applications
US10127368B2 (en) * 2016-03-01 2018-11-13 Filevine, Inc. Systems for identity validation and association
US12339979B2 (en) * 2016-03-07 2025-06-24 Crowdstrike, Inc. Hypervisor-based interception of memory and register accesses
US12248560B2 (en) * 2016-03-07 2025-03-11 Crowdstrike, Inc. Hypervisor-based redirection of system calls and interrupt-based task offloading
WO2017155523A1 (en) * 2016-03-09 2017-09-14 Hewlett Packard Enterprise Development Lp Server virtual address space
US10116630B2 (en) * 2016-04-04 2018-10-30 Bitdefender IPR Management Ltd. Systems and methods for decrypting network traffic in a virtualized environment
US11379385B2 (en) * 2016-04-16 2022-07-05 Vmware, Inc. Techniques for protecting memory pages of a virtual computing instance
CN107360120B (zh) * 2016-05-10 2019-06-11 华为技术有限公司 Method and apparatus for auditing virtual network functions
US10592267B2 (en) 2016-05-17 2020-03-17 Vmware, Inc. Tree structure for storing monitored memory page data
US10430223B2 (en) 2016-05-17 2019-10-01 Vmware, Inc. Selective monitoring of writes to protected memory pages through page table switching
FR3051934A1 (fr) * 2016-05-24 2017-12-01 Orange Method for identifying at least one function of an operating system kernel
US10353736B2 (en) * 2016-08-29 2019-07-16 TidalScale, Inc. Associating working sets and threads
CN106445639A (zh) * 2016-09-30 2017-02-22 北京奇虎科技有限公司 Method and apparatus for monitoring a virtual machine
US11695800B2 (en) 2016-12-19 2023-07-04 SentinelOne, Inc. Deceiving attackers accessing network data
US10635479B2 (en) * 2016-12-19 2020-04-28 Bitdefender IPR Management Ltd. Event filtering for virtual machine security applications
CN108241801B (zh) * 2016-12-26 2021-03-30 华为技术有限公司 Method and apparatus for processing system calls
US9734337B1 (en) 2017-01-24 2017-08-15 Malwarebytes Inc. Behavior-based ransomware detection
US10592664B2 (en) * 2017-02-02 2020-03-17 Cisco Technology, Inc. Container application security and protection
JP6841703B2 (ja) * 2017-03-29 2021-03-10 アドソル日進株式会社 Computer device
US10579274B2 (en) 2017-06-27 2020-03-03 TidalScale, Inc. Hierarchical stalling strategies for handling stalling events in a virtualized environment
KR101937935B1 (ko) * 2017-07-07 2019-04-11 한국전자통신연구원 Apparatus and method for storing an audit trail in response to virtual-machine process execution
US10802863B2 (en) * 2017-07-07 2020-10-13 Electronics And Telecommunications Research Institute Apparatus and method for storing audit trail in response to virtual-machine process execution
US10467552B2 (en) * 2017-07-31 2019-11-05 Pearson Education, Inc. System and method for automatic content provisioning
US11294898B2 (en) 2017-07-31 2022-04-05 Pearson Education, Inc. System and method of automated assessment generation
JP2020530922A (ja) 2017-08-08 2020-10-29 センチネル ラボ, インコーポレイテッドSentinel Labs, Inc. Methods, systems, and devices for dynamically modeling and grouping endpoints for edge networking
KR20190021673A (ko) * 2017-08-23 2019-03-06 주식회사 수산아이앤티 Apparatus and method for preventing ransomware
US10817347B2 (en) 2017-08-31 2020-10-27 TidalScale, Inc. Entanglement of pages and guest threads
US11687654B2 (en) * 2017-09-15 2023-06-27 Intel Corporation Providing isolation in virtualized systems using trust domains
US10546120B2 (en) * 2017-09-25 2020-01-28 AO Kaspersky Lab System and method of forming a log in a virtual machine for conducting an antivirus scan of a file
US10678922B2 (en) * 2017-11-23 2020-06-09 Nicira, Inc. Detecting arbitrary code execution using a hypervisor
US10713357B2 (en) * 2017-11-23 2020-07-14 Nicira, Inc. Detecting lateral movement using a hypervisor
CN107798236B (zh) * 2017-11-30 2021-05-04 阿里巴巴(中国)有限公司 Method and apparatus for securely installing an application installation package
US11250123B2 (en) 2018-02-28 2022-02-15 Red Hat, Inc. Labeled security for control flow inside executable program code
CN108804225B (zh) * 2018-05-24 2021-01-01 新华三云计算技术有限公司 Method and apparatus for regulating virtual machine load
US11836246B2 (en) * 2018-11-19 2023-12-05 Secure Micro Ltd Computer implemented method
US11295008B2 (en) * 2019-02-13 2022-04-05 Nec Corporation Graphics processing unit accelerated trusted execution environment
US11550903B1 (en) * 2019-04-26 2023-01-10 Joseph Alan Epstein System and method for trustworthiness, reputation, provenance, and measurement of software
JP7278423B2 (ja) 2019-05-20 2023-05-19 センチネル ラブス イスラエル リミテッド Systems and methods for executable code detection, automatic feature extraction and position-independent code detection
US11277436B1 (en) * 2019-06-24 2022-03-15 Ca, Inc. Identifying and mitigating harm from malicious network connections by a container
US11782713B1 (en) 2019-08-27 2023-10-10 Amazon Technologies, Inc. Security vulnerability mitigation using address space co-execution
US11630900B2 (en) * 2019-09-30 2023-04-18 Mcafee, Llc Detection of malicious scripted activity in fileless attacks
US10754506B1 (en) * 2019-10-07 2020-08-25 Cyberark Software Ltd. Monitoring and controlling risk compliance in network environments
US11836247B2 (en) * 2020-03-30 2023-12-05 Fortinet, Inc. Detecting malicious behavior in a network using security analytics by analyzing process interaction ratios
IL275098A (en) * 2020-06-03 2022-01-01 Kazuar Advanced Tech Ltd A multi-computing environment with the fewest loopholes
RU2763112C1 (ru) * 2020-08-24 2021-12-27 Акционерное общество "Лаборатория Касперского" System and method for generating a list of virtual machines with an indication of protection status
WO2022081733A1 (en) * 2020-10-13 2022-04-21 BedRock Systems, Inc. A formally verified trusted computing base with active security and policy enforcement
US11579857B2 (en) 2020-12-16 2023-02-14 Sentinel Labs Israel Ltd. Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach
US12124568B2 (en) * 2021-04-20 2024-10-22 Assured Information Security, Inc. Prevention and remediation of malware based on selective presentation of files to processes
CN113221103B (zh) * 2021-05-08 2022-09-20 山东英信计算机技术有限公司 Container security protection method, system, and medium
US11899782B1 (en) * 2021-07-13 2024-02-13 SentinelOne, Inc. Preserving DLL hooks
US20230019995A1 (en) * 2021-07-19 2023-01-19 Sri International Trojan detection via distortions, nitrogen-vacancy diamond (nvd) sensors, and electromagnetic (em) probes
US12086237B2 (en) 2021-10-21 2024-09-10 Microsoft Technology Licensing, Llc Securely redirecting system service routines
WO2023069166A1 (en) * 2021-10-21 2023-04-27 Microsoft Technology Licensing, Llc Securely redirecting system service routines
KR102656980B1 (ko) * 2022-03-14 2024-04-15 세종대학교산학협력단 Method and apparatus for continuously recording the memory of an instance in a virtualized environment
US12452273B2 (en) 2022-03-30 2025-10-21 SentinelOne, Inc Systems, methods, and devices for preventing credential passing attacks
WO2023239008A1 (ko) * 2022-06-10 2023-12-14 엘지전자 주식회사 Signal processing device for a vehicle and communication device for a vehicle communication device including the same
US11977496B1 (en) 2022-09-29 2024-05-07 Amazon Technologies, Inc. Security vulnerability mitigation using hardware-supported context-dependent address space hiding
WO2024152041A1 (en) 2023-01-13 2024-07-18 SentinelOne, Inc. Classifying cybersecurity threats using machine learning on non-euclidean data
US20240289151A1 (en) * 2023-02-24 2024-08-29 Ati Technologies Ulc Address-space-identifier-based security of data transfer requests

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1841397A (zh) * 2005-03-31 2006-10-04 微软公司 Aggregating the knowledge base of computer systems to proactively protect a computer from malware
US20100306849A1 (en) * 2007-12-12 2010-12-02 Vmware, Inc. On-access anti-virus mechanism for virtual machine architecture
US20120254993A1 (en) * 2011-03-28 2012-10-04 Mcafee, Inc. System and method for virtual machine monitor based anti-malware security

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4412156B2 (ja) * 2004-11-30 2010-02-10 沖電気工業株式会社 Processing device
US7996836B1 (en) 2006-12-29 2011-08-09 Symantec Corporation Using a hypervisor to provide computer security
US8380987B2 (en) * 2007-01-25 2013-02-19 Microsoft Corporation Protection agents and privilege modes
US8561182B2 (en) * 2009-01-29 2013-10-15 Microsoft Corporation Health-based access to network resources
US8387046B1 (en) 2009-03-26 2013-02-26 Symantec Corporation Security driver for hypervisors and operating systems of virtualized datacenters
JP2014514651A (ja) * 2011-03-28 2014-06-19 マカフィー, インコーポレイテッド System and method for virtual machine monitor based anti-malware security
US8099596B1 (en) 2011-06-30 2012-01-17 Kaspersky Lab Zao System and method for malware protection using virtualization
US9069586B2 (en) * 2011-10-13 2015-06-30 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
A Layered Malware Detection Model Using VMM; Lin Chen et al.; 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications; 20120627; full text *

Also Published As

Publication number Publication date
JP2016526730A (ja) 2016-09-05
ES2785350T3 (es) 2020-10-06
EP3017392A1 (en) 2016-05-11
EP3017392B1 (en) 2020-01-22
CA2915888C (en) 2021-05-04
WO2015152748A1 (en) 2015-10-08
HK1216930A1 (zh) 2016-12-09
AU2014389572A1 (en) 2016-01-21
KR101946982B1 (ko) 2019-05-10
IL243123B (en) 2019-11-28
CA2915888A1 (en) 2015-10-08
CN105393255A (zh) 2016-03-09
JP6378758B2 (ja) 2018-08-22
RU2016103212A (ru) 2017-08-10
US20150013008A1 (en) 2015-01-08
KR20160030385A (ko) 2016-03-17
AU2014389572B2 (en) 2019-03-07
RU2634205C2 (ru) 2017-10-24
US9117080B2 (en) 2015-08-25
SG11201510313SA (en) 2016-01-28

Similar Documents

Publication Publication Date Title
CN105393255B (zh) Process evaluation for malware detection in virtual machines
US8549648B2 (en) Systems and methods for identifying hidden processes
US9262246B2 (en) System and method for securing memory and storage of an electronic device with a below-operating system security agent
US9087199B2 (en) System and method for providing a secured operating system execution environment
US8621620B2 (en) System and method for protecting and securing storage devices using below-operating system trapping
US9384349B2 (en) Negative light-weight rules
US8549644B2 (en) Systems and method for regulating software access to security-sensitive processor resources
US9392016B2 (en) System and method for below-operating system regulation and control of self-modifying code
US8650642B2 (en) System and method for below-operating system protection of an operating system kernel
US8863283B2 (en) System and method for securing access to system calls
US8925089B2 (en) System and method for below-operating system modification of malicious code on an electronic device
CN107690645B (zh) Behavioral malware detection using an interpreter virtual machine
US20120255014A1 (en) System and method for below-operating system repair of related malware-infected threads and resources
US20120255031A1 (en) System and method for securing memory using below-operating system trapping
US20120254993A1 (en) System and method for virtual machine monitor based anti-malware security
US20120255000A1 (en) System and method for below-operating system trapping and securing of interdriver communication
US9424427B1 (en) Anti-rootkit systems and methods
US20120254994A1 (en) System and method for microcode based anti-malware security
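HK1216930B (zh) Process evaluation for malware detection in virtual machines
HK1247295B (zh) Computer security systems and methods using asynchronous introspection exceptions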

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1216930

Country of ref document: HK

GR01 Patent grant