Title:
非同期イントロスペクション例外を使用するコンピュータセキュリティシステムおよび方法
Document Type and Number:
Japanese Patent JP6842455
Kind Code:
B2
Abstract:
Described systems and methods enable an efficient analysis of security-relevant events, especially in hardware virtualization platforms. In some embodiments, a notification handler detects the occurrence of an event within a virtual machine, and communicates the respective event to security software. The security software then attempts to match the respective event to a collection of behavioral and exception signatures. An exception comprises a set of conditions which, when satisfied by an tuple, indicates that the respective entity is not malicious. In some embodiments, a part of exception matching is performed synchronously (i.e., while execution of the entity that triggered the respective event is suspended), while another part of exception matching is performed asynchronously (i.e., after the triggering entity is allowed to resume execution).
Inventors:
Lukakus, Sandr
Sylve, Christian-Bogdan
Lutzas, Andrey-Vlad
Sylve, Christian-Bogdan
Lutzas, Andrey-Vlad
Application Number:
JP2018500939A
Publication Date:
March 17, 2021
Filing Date:
July 14, 2016
Export Citation:
Assignee:
Bit Defender IP Management Limited
International Classes:
G06F21/56
Domestic Patent References:
| JP2009238153A | ||||
| JP2015082191A |
Foreign References:
| US20110083176 |
Attorney, Agent or Firm:
Shinjiro Ono
Osamu Yamamoto
Toru Miyamae
Motoharu Nakanishi
Junichi Matsuo
Osamu Yamamoto
Toru Miyamae
Motoharu Nakanishi
Junichi Matsuo