Technique for implementing memory views using a layered virtualization architecture
U Steinberg, OA Ismael - US Patent 10,191,861, 2019 - Google Patents
ABSTRACT A technique implements memory views using a virtualization layer of a
virtualization architecture executing on a node of a network environment. The virtualization …
Crawlphish: Large-scale analysis of client-side cloaking techniques in phishing
Phishing is a critical threat to Internet users. Although an extensive ecosystem serves to
protect users, phishing websites are growing in sophistication, and they can slip past the …
Malware detection appliance architecture
OA Ismael - US Patent 9,934,376, 2018 - Google Patents
A threat-aware virtualization module may be deployed in a malware detection appliance
architecture and execute on a malware detection system (MDS) appliance to provide exploit …
Trex: Learning execution semantics from micro-traces for binary similarity
Detecting semantically similar functions--a crucial analysis capability with broad real-world
security usages including vulnerability detection, malware lineage, and forensics--requires …
Late load technique for deploying a virtualization layer underneath a running operating system
U Steinberg, NS Kulkarni - US Patent 10,108,446, 2018 - Google Patents
A late load technique deploys a virtualization layer underneath an operating system
executing on a node of a network environment to enable the virtualization layer to control the …
Hercule: Attack story reconstruction via community discovery on correlated log graph
Advanced cyber attacks consist of multiple stages aimed at being stealthy and elusive. Such
attack patterns leave their footprints spatio-temporally dispersed across many different logs …
A survey on automated dynamic malware analysis evasion and counter-evasion: PC, mobile, and web
Automated dynamic malware analysis systems are important in combating the proliferation
of modern malware. Unfortunately, malware can often easily detect and evade these …
Injection of content processing delay in an endpoint
OA Ismael, A Aziz - US Patent 9,912,681, 2018 - Google Patents
A malware detection system (MDS) appliance is configured to inject delay associated with
delivery and/or processing of communication traffic directed to one or more endpoints in a …
Spotless sandboxes: Evading malware analysis systems using wear-and-tear artifacts
Malware sandboxes, widely used by antivirus companies, mobile application marketplaces,
threat detection appliances, and security researchers, face the challenge of environment …
Optimized invariant representation of network traffic for detecting unseen malware variants
New and unseen polymorphic malware, zero-day attacks, or other types of advanced
persistent threats are usually not detected by signature-based security devices, firewalls, or …