Kaspersky Lab has been granted two patents by the United States Patent and Trademark Office, for technologies designed to counteract anti-malware evasion techniques used by malware writers.
Kaspersky Lab has been granted two patents by the United States Patent and Trademark Office, for technologies designed to counteract anti-malware evasion techniques used by malware writers.
The first patent, No. 9111096, is entitled “System and Method for Preserving and Subsequently Restoring Emulator State.” It covers a technology that counteracts attempts by malware to detect and stop emulation used to spot malicious functionality in code. The newly-patented technology can create images of the emulator’s state and load them if execution of the code being analyzed terminates incorrectly. It also creates images if predefined events occur, providing greater flexibility when using emulation technology.
The second patent, No. 9116621, covers a technology called “System and Method of Transfer of Control between Memory Locations.” The purpose of the technology is to make monitoring by a security solution invisible to malware. By controlling memory page access rights, it provides the ability to log Application Programming Interface (API) function calls made by the program being analyzed. Notably, the security solution receives data on these calls directly from the CPU using hardware interrupts. By transferring this information at the hardware level, monitoring is concealed, helping to detect new malware more effectively.
Both technologies are used in Kaspersky Total Security — Multi-Device, Kaspersky Internet Security — Multi-Device, Kaspersky Anti-Virus and Kaspersky Endpoint Security for Business. The technology called “System and Method for Preserving and Subsequently Restoring Emulator State” is also used in Kaspersky Security for Virtualization.
“The techniques used by cybercriminals are evolving, but Kaspersky Lab has an answer to their stratagems. For each trick designed to fool anti-malware technologies, our experts rapidly develop countermeasures that ultimately prevent our solutions from becoming less effective,” comments Timur Biyachuev, Director of Anti-Malware Research, Kaspersky Lab.
Kaspersky Lab continues to develop and patent new data protection technologies. By mid-September 2015, the company has 342 patents in Russia, the US, China and Europe, with 316 more patent applications filed.
