Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2017112201) EXECUTING FULL LOGICAL PATHS FOR MALWARE DETECTION
Latest bibliographic data on file with the International Bureau

Pub. No.: WO/2017/112201 International Application No.: PCT/US2016/062981
Publication Date: 29.06.2017 International Filing Date: 21.11.2016
IPC:
G06F 21/56 (2013.01) ,G06F 21/53 (2013.01)
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55
Detecting local intrusion or implementing counter-measures
56
Computer malware detection or handling, e.g. anti-virus arrangements
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52
during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
53
by executing in a restricted environment, e.g. sandbox or secure virtual machine
Applicants:
MCAFEE, LLC [US/US]; 2821 Mission College Boulevard Santa Clara, California 95054-1838, US
Inventors:
SAHITA, Ravi; US
LI, Xiaoning; US
LU, Lixin; US
DENG, Lu; US
SHEPSEN, Alexander; US
XU, Xiang; US
HUANG, Liangjun; US
LIU, Hua; US
HUANG, Kai; US
Agent:
GUPTA, Rishi; US
Priority Data:
14/998,17824.12.2015US
Title (EN) EXECUTING FULL LOGICAL PATHS FOR MALWARE DETECTION
(FR) EXÉCUTION DE CHEMINS LOGIQUES COMPLETS POUR UNE DÉTECTION DE LOGICIEL MALVEILLANT
Abstract:
(EN) Embodiments include identifying, at a logical path node, a first logical path and a second logical path; executing, by a processor implemented at least partially in hardware, a first set of instructions to follow the first logical path; storing, in a memory, a first set of information obtained from following the first logical path; evaluating, by a malware handler module implemented at least partially in hardware, the first set of information for malware; restoring, from the memory, environmental data for the first logical path node; executing, by the processor, a second set of instructions to follow the second logical path; storing, in a memory, a second set of information obtained from following the second logical path; and evaluating, by the malware handler module, the second set of information for malware.
(FR) Des modes de réalisation de l'invention consistent à identifier, au niveau d'un nœud de chemin logique, un premier chemin logique et un second chemin logique; à exécuter, par un processeur mis en œuvre au moins partiellement dans un matériel, un premier ensemble d'instructions pour suivre le premier chemin logique; à stocker, dans une mémoire, un premier ensemble d'informations obtenues à partir de ce qui suit le premier chemin logique; à évaluer, par un module de gestionnaire de logiciel malveillant mis en œuvre au moins partiellement dans un matériel, le premier ensemble d'informations pour un logiciel malveillant; à restaurer, à partir de la mémoire, des données environnementales pour le premier nœud de chemin logique; à exécuter, par le processeur, un second ensemble d'instructions pour suivre le second chemin logique; à stocker, dans une mémoire, un second ensemble d'informations obtenues à partir de ce qui suit le second chemin logique; et à évaluer, par le module de gestionnaire de logiciel malveillant, le second ensemble d'informations pour un logiciel malveillant.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JP, KE, KG, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Organization (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)