DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Malicious activity detection in a memory

Abstract

A method and apparatus for monitoring a volatile memory in a computer system. Samples of compressed data from locations in the volatile memory in the computer system are read. Data in the volatile memory is reconstructed using the samples of compressed data. The data is an image of the volatile memory. The image enables determining whether an undesired process is present in the volatile memory.

Inventors:
; ; ; ;
Issue Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1824029
Patent Number(s):
11023579
Application Number:
15/367,026
Assignee:
National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
Patent Classifications (CPCs):
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
DOE Contract Number:  
AC04-94AL85000
Resource Type:
Patent
Resource Relation:
Patent File Date: 12/01/2016
Country of Publication:
United States
Language:
English

Citation Formats

Wheeler, Jason W., Quach, Tu-Thach, James, Conrad D., Aimone, James Bradley, and Rodrigues, Arun F. Malicious activity detection in a memory. United States: N. p., 2021. Web.
Wheeler, Jason W., Quach, Tu-Thach, James, Conrad D., Aimone, James Bradley, & Rodrigues, Arun F. Malicious activity detection in a memory. United States.
Wheeler, Jason W., Quach, Tu-Thach, James, Conrad D., Aimone, James Bradley, and Rodrigues, Arun F. Tue . "Malicious activity detection in a memory". United States. https://www.osti.gov/servlets/purl/1824029.
@article{osti_1824029,
title = {Malicious activity detection in a memory},
author = {Wheeler, Jason W. and Quach, Tu-Thach and James, Conrad D. and Aimone, James Bradley and Rodrigues, Arun F.},
abstractNote = {A method and apparatus for monitoring a volatile memory in a computer system. Samples of compressed data from locations in the volatile memory in the computer system are read. Data in the volatile memory is reconstructed using the samples of compressed data. The data is an image of the volatile memory. The image enables determining whether an undesired process is present in the volatile memory.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2021},
month = {6}
}

Works referenced in this record:

Data pattern verification in a gaming machine environment
patent-application, February 2006


Auditing a Device
patent-application, January 2013


Memory System, Host System, and Method of Performing Write Operations in Memory System
patent-application, May 2015


Method and System for Automatic Detection and Analysis of Malware
patent-application, March 2012


Systems and Methods for Data Compression
patent-application, August 2013