McAfee Wins ‘Malicious Behavior’ Patent

McAfee today announced that it was awarded a patent to
detect malicious software.

U.S. patent 6,775,780, “Detecting Malicious Software
By Analyzing Patterns Of System Calls Generated During Emulation,”
covers a broad swatch of programs and situations.

“This patent involves determining whether software is likely to exhibit
malicious behavior,” Chris Hamaty, director of Intellectual
Property for McAfee, told internetnews.com. “One of the ways the
patent contemplates is by analyzing patterns and system calls made during
emulation of a piece of software.”

Software emulation is a process that occurs within an insulated
environment, usually within a computer system. The emulated environment
allows the application to be tested for malicious behavior without much
risk of harm to the computer system as a whole.

According to the abstract
filed with the U.S. Patent and Trade office, the system may also compare the
pattern of system calls against a suspect patterns database. Upon the
comparison, the system will be able to determine whether malicious
behavior is likely to be exhibited by the software. The system may also be
used for on-the-fly analysis.

On-the-fly scanning for potential malicious activity is not something that
is new to the security and virus scanning industry. For years, McAfee and
others have included something called heuristics scanning in their software to help identify potential threats
based on suspect patterns.


“We think that the patent has relevance to the area of heuristics but the
patent of course speaks for itself and may have other applicability,”
Hamaty said.

Hamaty noted that the patent is broad and is believed to cover “a variety
of programs and products that are already being made and that will likely
be made in the future.”

The patent is intended to protect McAfee’s intellectual property and give
the company a degree of competitive advantage over its competitors in the highly
contentious security software space.


“We think this is an important patent in concert with our other patents in
order to help our defensive posture, protect our intellectual property and
give us a strategic advantage,” Hamaty said.

News Around the Web