Virtualization Technology News and Information
Kaspersky Lab Patents Two Methods That Counter Anti-Malware Evasion Techniques
Kaspersky Lab has been granted two patents by the United States Patent and Trademark Office for technologies designed to counteract anti-malware evasion techniques used by malware writers. 

"The techniques used by cybercriminals are evolving, but Kaspersky Lab has an answer to their stratagems. For each trick designed to fool anti-malware technologies, our experts rapidly develop countermeasures," comments Timur Biyachuev, Director of Anti-Malware Research, Kaspersky Lab.

The first patent, No. 9111096, is titled "System and Method for Preserving and Subsequently Restoring Emulator State." This patent covers a technology that counteracts attempts by malware to detect and stop emulation being used to spot malicious functionality in code. The newly-patented technology can create images of the emulator's state and load them if the execution of the code being analyzed terminates incorrectly. It also creates images if predefined events occur, providing greater flexibility when using emulation technology.

The second patent, No. 9116621, covers a technology called "System and Method of Transfer of Control between Memory Locations." The purpose of the technology is to make monitoring by a security solution invisible to malware. By controlling memory page access rights, it provides the ability to log Application Programming Interface (API) function calls made by the program being analyzed. The security solution receives data on these calls directly from the CPU using hardware interruption. When information is transferred at the hardware level, monitoring is concealed, which helps to detect new malware more effectively.

Both technologies are used in Kaspersky Total SecurityKaspersky Internet SecurityKaspersky Anti-Virus and Kaspersky Endpoint Security for Business. The first patented technology, "System and Method for Preserving and Subsequently Restoring Emulator State", is also used in Kaspersky Security for Virtualization.

Kaspersky Lab continues to develop and patent new data protection technologies. As of early September 2015, the company has 334 patents in Russia, the U.S., China and Europe, and has 307 additional patent applications filed.

Published Tuesday, September 15, 2015 6:33 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<September 2015>