SYSTEM AND METHOD OF PERFORMING AN ANTIVIRUS SCAN OF A FILE ON A VIRTUAL MACHINE

SYSTEM AND METHOD OF PERFORMING AN ANTIVIRUS SCAN OF A FILE ON A VIRTUAL MACHINE

A method and system are provided for performing an antivirus scan of a file on a virtual machine. An example method includes performing a first execution of the file on the virtual machine, recording a first log that includes an API function call and an internal event detected during execution, and...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: KARASOVSKY, Dmitry V, GOLOVKIN, Maxim Y, PINTIYSKY, Vladislav V, MONASTYRSKY, Alexey V, KOBYCHEV, Denis Y, BUTUZOV, Vitaly V
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method and system are provided for performing an antivirus scan of a file on a virtual machine. An example method includes performing a first execution of the file on the virtual machine, recording a first log that includes an API function call and an internal event detected during execution, and determining if any signatures in the log are stored in a signatures database. Moreover, if no signatures in the first log are found in the first database of signatures, the file is classified as not malicious. In contrast, if at least one signature is found, a second execution of the file is perform and a second log is recorded that includes a detected internal event. Moreover, the method includes determining if any signatures in the second log are stored in a second database of signatures; and classifying the file as not malicious if no signatures are found.