发明名称 |
Process evaluation for malware detection in virtual machines |
摘要 |
<p>Described systems and methods allow protecting a computer system from malware, such as viruses and rootkits. An anti-malware component executes within a virtual machine (VM) exposed by a hypervisor executing on the computer system. A memory introspection engine executes outside the virtual machine, at the processor privilege level of the hypervisor, and protects a process executing within the virtual machine by write-protecting a memory page of the respective process. By combining anti-malware components executing inside and outside the respective VM, some embodiments of the present invention may use the abundance of behavioral data that inside- VM components have access to, while protecting the integrity of such components from outside the respective VM.</p> |
申请公布号 |
AU2014389572(A1) |
申请公布日期 |
2016.01.21 |
申请号 |
AU20140389572 |
申请日期 |
2014.07.02 |
申请人 |
BITDEFENDER IPR MANAGEMENT LTD |
发明人 |
LUKACS, SANDOR;TOSA, RAUL-VASILE;BOCA, PAUL-DANIEL;HAJMASAN, GHEORGHE-FLORIN;LUTAS, ANDREI-VLAD |
分类号 |
G06F21/53;G06F9/455;G06F21/56 |
主分类号 |
G06F21/53 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|