has been granted two patents by the United States Patent and Trademark Office for technologies designed to counteract anti-malware evasion techniques used
by malware writers.
techniques used by cybercriminals are evolving, but Kaspersky Lab has
an answer to their stratagems.
For each trick designed to fool anti-malware technologies, our experts
rapidly develop countermeasures," comments Timur Biyachuev, Director of
Anti-Malware Research, Kaspersky Lab.
The first patent, No.
9111096, is titled "System and Method for Preserving and
Subsequently Restoring Emulator State." This patent covers a technology
that counteracts attempts by malware to detect and stop emulation being
used to spot malicious functionality in code.
The newly-patented technology can create images of the emulator's state
and load them if the execution of the code being analyzed terminates incorrectly. It also creates
images if predefined events occur, providing greater flexibility when using emulation technology.
The second patent, No.
9116621, covers a technology called "System and Method of
Transfer of Control between Memory Locations." The purpose of the
technology is to make monitoring by a security solution invisible to
malware. By controlling memory page access rights, it
provides the ability to log Application Programming Interface (API)
function calls made by the program being analyzed. The security solution
receives data on these calls directly from the CPU using hardware
interruption. When information is transferred at
the hardware level, monitoring is concealed, which helps to detect new
malware more effectively.
Both technologies are used in Kaspersky
Total Security, Kaspersky
Internet Security, Kaspersky
Anti-Virus and Kaspersky
Endpoint Security for Business. The first patented technology, "System and Method for Preserving and Subsequently Restoring Emulator State", is also used in Kaspersky
Security for Virtualization.
Kaspersky Lab continues to develop and patent new data protection technologies. As of early September 2015,
the company has 334 patents in Russia, the U.S.,
China and Europe, and has 307 additional patent applications filed.