Antivirus and security software maker McAfee has been awarded a patent for a group of programs designed to work conjointly to detect software that may behave badly.
"This patent involves determining whether software is likely to exhibit malicious behavior," McAfee director of intellectual property Chris Hamaty told InternetNews.com. "One of the ways the patent contemplates is by analyzing patterns and system calls made during emulation of a piece of software."
The abstract filed with the U.S. Patent and Trade Office for patent No. 6,775,780, "Detecting Malicious Software By Analyzing Patterns Of System Calls Generated During Emulation," suggests this so-called software emulation occurs within insulated environments, lets an application be tested for malicious behavior without risk of harm to the computer system on whole, and can compare patterns of system calls against a database of suspect patterns.
"Using results of the foregoing comparison, it may then be determined whether the software is likely to exhibit malicious behavior," said a McAfee press release.
“The system may also be used for on-the-fly analysis,” said InternetNews.com.
Announcing the patent award, McAfee said the system's process "may be continued as necessary to search for behavior that is likely to be malicious. Moreover, termination conditions may be used to halt the above functionality under certain circumstances. Just by way of example, the process may be terminated if a maximum number of instructions are executed during the emulation. Still yet, the process may be terminated if a maximum number of system calls are made during the emulation. Thus, the patented use of software emulation enables improved searching for likely malicious behavior."
Hamaty also said the patent is broad enough to cover a variety of programs and products already being made and likely to be made in the future, and gives McAfee a certain degree of competitive advantage. "We think this is an important patent in concert with our other patents in order to help our defensive posture, protect our intellectual property and give us a strategic advantage," he said.
"This patent is another example of [our] research and development leadership in the security field," McAfee chief technology officer Christopher Bolin said in the press release. "With this technology, McAfee customers are better equipped to search for malicious activity in their computing environment."
