09262635 is referenced by 44 patents and cites 502 patents.

A computerized system and method is described for classifying objects as malicious by processing the objects in a virtual environment and monitoring behaviors during processing by one or more monitors. The monitors may monitor and record selected sets of process operations and capture associated process parameters, which describe the context in which the process operations were performed. By recording the context of process operations, the system and method described herein improves the intelligence of classifications and consequently reduces the likelihood of incorrectly identifying objects as malware or vice versa.

Title
Detection efficacy of virtual machine-based analysis with application specific events
Application Number
14/173765
Publication Number
9262635 (B2)
Application Date
February 5, 2014
Publication Date
February 16, 2016
Inventor
Sai Vashisht
Union City
CA, US
Sushant Paithane
Sunnyvale
CA, US
Agent
William W Schaal
Rutan & Tucker
Assignee
FireEye
CA, US
IPC
G06F 21/53
G06F 21/56
G06F 21/00
View Original Source