The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Oct. 12, 2021
Filed:
Nov. 25, 2019
International Business Machines Corporation, Armonk, NY (US);
Zhongshu Gu, Ridgewood, NJ (US);
Heqing Huang, Mahwah, NJ (US);
Jiyong Jang, White Plains, NY (US);
Dhilung Hang Kirat, White Plains, NY (US);
Xiaokui Shu, Ossining, NY (US);
Marc P. Stoecklin, White Plains, NY (US);
Jialong Zhang, White Plains, NY (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
A computer-implemented method, a computer program product, and a computer system. The computer system installs and configures a virtual imitating resource in the computer system, wherein the virtual imitating resource imitates a set of resources in the computer system. Installing and configuring the virtual imitating resource includes modifying respective values of an installed version of the virtual imitating resource for an environment of the computer system, determining whether the virtual imitating resource is a static imitating resource or a dynamic imitating resource, and comparing a call graph of the evasive malware with patterns of dynamic imitating resources on a database. The computer system returns a response from an appropriate element of the virtual imitating resource, in response to a call from the evasive malware to a real computing resource, return, by the computer system.