Kaspersky Lab Patents Two Methods That Counter Anti-Malware Evasion Techniques
Kaspersky Lab Patents Two Methods That Counter Anti-Malware Evasion Techniques
Woburn, MA – September 15, 2015 --Kaspersky Lab has been granted two patents by the United States Patent and Trademark Office, for technologies designed to counteract anti-malware evasion techniques used by malware writers.
“The techniques used by cybercriminals are evolving, but Kaspersky Lab has an answer to their stratagems. For each trick designed to fool anti-malware technologies, our experts rapidly develop countermeasures,” comments Timur Biyachuev, Director of Anti-Malware Research, Kaspersky Lab.
The first patent, No. 9111096, is entitled “System and Method for Preserving and Subsequently Restoring Emulator State.” This patent covers a technology that counteracts attempts by malware to detect and stop emulation being used to spot malicious functionality in code. The newly-patented technology can create images of the emulator’s state and load them if the execution of the code being analyzed terminates incorrectly. It also creates images if predefined events occur, providing greater flexibility when using emulation technology.
The second patent, No. 9116621, covers a technology called “System and Method of Transfer of Control between Memory Locations.” The purpose of the technology is to make monitoring by a security solution invisible to malware. By controlling memory page access rights, it provides the ability to log Application Programming Interface (API) function calls made by the program being analyzed. The security solution receives data on these calls directly from the CPU using hardware interruption. When information is transferred at the hardware level, monitoring is concealed, which helps to detect new malware more effectively.
Both technologies are used in Kaspersky Total Security, Kaspersky Internet Security, Kaspersky Anti-Virus and Kaspersky Endpoint Security for Business. The first patented technology, “System and Method for Preserving and Subsequently Restoring Emulator State”, is also used in Kaspersky Security for Virtualization.
Kaspersky Lab continues to develop and patent new data protection technologies. As of early September 2015, the company has 334 patents in Russia, the U.S., China and Europe, and has 307 additional patent applications filed.
About Kaspersky Lab
Kaspersky Lab is one of the world’s fastest-growing cybersecurity companies and the largest that is privately-owned. The company is ranked among the world’s top four vendors of security solutions for endpoint users (IDC, 2014). Since 1997 Kaspersky Lab has been an innovator in cybersecurity and provides effective digital security solutions and threat intelligence for large enterprises, SMBs and consumers. Kaspersky Lab is an international company, operating in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide.
Learn more atwww.kaspersky.com.
Media contact:
Sarah Kitsos
sarah.kitsos@kaspersky.com
781-503-2615
Kaspersky Lab Patents Two Methods That Counter Anti-Malware Evasion Techniques
Kaspersky