Patent
System and method for below-operating system regulation and control of self-modifying code
TL;DR: In this paper, a system for securing an electronic device may include a memory, a processor, one or more operating systems residing in the memory for execution by the processor, and a security agent configured to execute on the electronic device at a level below all of the operating systems of the electronic device accessing the memory.
Abstract:
A system for securing an electronic device may include a memory; a processor; one or more operating systems residing in the memory for execution by the processor; and a security agent configured to execute on the electronic device at a level below all of the operating systems of the electronic device accessing the memory. The security agent may be further configured to: (i) trap attempted accesses to the memory, wherein each of such attempted accesses may, individually or in the aggregate, indicate the presence of self-modifying malware; (ii) in response to trapping each attempted access to the memory, record information associated with the attempted access in a history; and (iii) in response to a triggering attempted access associated with a particular memory location, analyze information in the history associated with the particular memory location to determine if suspicious behavior has occurred with respect to the particular memory location.
Citations
Patent
System and method for providing a secured operating system execution environment
TL;DR: In this article, a system for launching a security architecture includes an electronic device comprising a processor and one or more operating systems, a security agent, and a launching module consisting of a boot manager and a secured launching agent.
Patent
System and Method for Detecting Time-Bomb Malware
TL;DR: In this paper, a system comprises one or more counters; comparison logic; and one or more hardware processors communicatively coupled to the counters and the comparison logic, where the counters are configured to monitor a delay caused by events conducted during processing of the content and identify the content as including malware if the delay exceeds a first time period.
Patent
Exploit detection of malware and malware families
Hirendra Rathor, Kaushal Dalal +1 more
TL;DR: In this article, the authors present a computerized method for computing anomalous behavior associated with one or more observed events, wherein at least one of the observed events constitutes an anomalous behavior; accessing a reference model based on a first plurality of events, wherein the reference model comprises a first event of the first plurality, a second event and a relationship that identifies that the second event is based on the first event.
Patent
System and method for below-operating system trapping and securing loading of code into memory
TL;DR: In this paper, a system for protecting an electronic device against malware includes a memory, an operating system configured to execute on the electronic device, and a below-operating-system security agent.
Patent
System and method for securing an input/output path of an application against malware with a below-operating system security agent
TL;DR: In this paper, a system for securing an electronic device may include a memory, a processor, one or more operating systems residing in the memory for execution by the processor, an input-output (I/O) device coupled to the operating system; and a security agent configured to execute on the electronic device at a level below all of the operating systems accessing the I/O device.
References
Patent
Systems and Methods for Secure Transaction Management and Electronic Rights Protection
TL;DR: In this article, the authors proposed a secure content distribution method for a configurable general-purpose electronic commercial transaction/distribution control system, which includes a process for encapsulating digital information in one or more digital containers, a process of encrypting at least a portion of digital information, a protocol for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container, and a process of delivering one or more digital containers to a digital information user.
Proceedings Article
Ether: malware analysis via hardware virtualization extensions
TL;DR: Ether, a transparent and external approach to malware analysis, is proposed, which is motivated by the intuition that for a malware analyzer to be transparent, it must not induce any side-effects that are unconditionally detectable by malware.
Patent
System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
Yaron Mayer, Zak Dechovich +1 more
TL;DR: In this paper, the authors propose an approach based on automatic segregation between programs, so that the programs in each virtual environment think that they are alone on the computer, and any changes that they think they made in virtually shared resources are in reality only made in their own virtual environment.
Book Chapter
Learning and Classification of Malware Behavior
TL;DR: The effectiveness of the proposed method for learning and discrimination of malware behavior is demonstrated, especially in detecting novel instances of malware families previously not recognized by commercial anti-virus software.
Patent
Computer immune system and method for detecting unwanted code in a computer system
TL;DR: In this article, an automated analysis system detects malicious code within a computer system by generating and subsequently analyzing a behavior pattern for each computer program introduced to the computer system and storing behavior patterns and sequences in a database.