×

Malicious content analysis with multi-version application support within single operating environment

  • US 9,626,509 B1
  • Filed: 03/13/2013
  • Issued: 04/18/2017
  • Est. Priority Date: 03/13/2013
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for detecting malicious content, the method comprising:

  • installing a plurality of versions of a software application concurrently within a virtual machine by at least registering each of the plurality of versions of the software application with an operating system of the virtual machine under different identifiers, each of the plurality of versions of the software application being different from each other;

    selecting, by logic within a virtual machine monitor being executed by a processor of a data processing system, a subset of the plurality of versions of the software application that are concurrently installed within the virtual machine that is executed within the data processing system;

    processing one or more software application versions of the subset of the plurality of versions of the software application to access a malicious content suspect within the virtual machine, without switching to another virtual machine;

    monitoring, by a monitoring module, behaviors of the malicious content suspect during processing by one or more software application versions of the subset of the plurality of versions of the software application to detect behaviors associated with a malicious attack;

    storing information associated with the detected behaviors that are associated with a malicious attack; and

    issuing an alert with respect to any detected malicious content.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×