The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jul. 02, 2019
Filed:
Jun. 30, 2016
Fireeye, Inc., Milpitas, CA (US);
Phung-Te Ha, Dublin, CA (US);
FireEye, Inc., Milpitas, CA (US);
Abstract
A method for hiding transition events during malware detection comprising processing of an object within a VM, intercepting an attempted execution of an instruction located on a page in memory associated with the VM, responsive to determining the page includes instructions corresponding to one of a predefined set of function calls, (i) inserting a first transition event into the memory at a location on the page of a first instruction of the instructions, and (ii) setting a permission of the page to be execute only, and responsive to further processing within the VM causing an attempt to read from or write to the page including the first transition event, (i) halting processing within the VM, (ii) removing the first transition event, (iii) setting the permission of the page to prohibit execution, and (iv) resuming the processing is shown.