Patents by Inventor Greg W. Dalcher

Greg W. Dalcher has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11328063
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to intercept a process, store execution profiling for the process if the process involves a privileged resource or a privileged operation, and analyze the code involved in each stack frame to determine malicious activity. If the process does not involve a privileged resource or a privileged operation, then the process is not analyzed.
    Type: Grant
    Filed: November 1, 2019
    Date of Patent: May 10, 2022
    Assignee: McAfee, LLC
    Inventor: Greg W. Dalcher
  • Patent number: 10803165
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to monitor code as it executes. The code can include self-modifying code. The system can log an event if the self-modifying code occurred in a GetPC address region.
    Type: Grant
    Filed: September 26, 2015
    Date of Patent: October 13, 2020
    Assignee: McAfee, LLC
    Inventors: Koichi Yamada, Palanivel Rajan Shanmugavelayutham, Greg W. Dalcher, Sravani Konda
  • Publication number: 20200065493
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to intercept a process, store execution profiling for the process if the process involves a privileged resource or a privileged operation, and analyze the code involved in each stack frame to determine malicious activity. If the process does not involve a privileged resource or a privileged operation, then the process is not analyzed.
    Type: Application
    Filed: November 1, 2019
    Publication date: February 27, 2020
    Applicant: McAfee, LLC
    Inventor: Greg W. Dalcher
  • Patent number: 10467409
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to intercept a process, store execution profiling for the process if the process involves a privileged resource or a privileged operation, and analyze the code involved in each stack frame to determine malicious activity. If the process does not involve a privileged resource or a privileged operation, then the process is not analyzed.
    Type: Grant
    Filed: December 23, 2014
    Date of Patent: November 5, 2019
    Assignee: McAfee, LLC
    Inventor: Greg W. Dalcher
  • Patent number: 9934380
    Abstract: In an example, there is provided a system and method for execution profiling detection of malicious software objects. An execution profiling (EXP) engine may be provided in conjunction with a binary translation engine (BTE). Both may operate within a trusted execution environment (TEE). Because many malware objects make assumptions about memory usage of host applications, they may cause exceptions when those assumptions prove untrue. The EXP engine may proactively detect such exceptions via the BTE when the BTE performs its translation function. Thus, malicious behavior may be detected before a binary runs on a system, and remedial measures may be provided.
    Type: Grant
    Filed: December 23, 2014
    Date of Patent: April 3, 2018
    Assignee: McAfee, LLC
    Inventors: Greg W. Dalcher, Koichi Yamada, Palanivel Rajan Shanmugavelayutham, Jitendra P. Singh
  • Publication number: 20160381043
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to monitor code as it executes. The code can include self-modifying code. The system can log an event if the self-modifying code occurred in a GetPC address region.
    Type: Application
    Filed: September 26, 2015
    Publication date: December 29, 2016
    Applicant: McAfee, Inc.
    Inventors: Koichi Yamada, Palanivel Rajan Shanmugavelayutham, Greg W. Dalcher, Sravani Konda
  • Publication number: 20160180089
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to intercept a process, store execution profiling for the process if the process involves a privileged resource or a privileged operation, and analyze the code involved in each stack frame to determine malicious activity. If the process does not involve a privileged resource or a privileged operation, then the process is not analyzed.
    Type: Application
    Filed: December 23, 2014
    Publication date: June 23, 2016
    Inventor: Greg W. Dalcher
  • Publication number: 20160180090
    Abstract: In an example, there is provided a system and method for execution profiling detection of malicious software objects. An execution profiling (EXP) engine may be provided in conjunction with a binary translation engine (BTE). Both may operate within a trusted execution environment (TEE). Because many malware objects make assumptions about memory usage of host applications, they may cause exceptions when those assumptions prove untrue. The EXP engine may proactively detect such exceptions via the BTE when the BTE performs its translation function. Thus, malicious behavior may be detected before a binary runs on a system, and remedial measures may be provided.
    Type: Application
    Filed: December 23, 2014
    Publication date: June 23, 2016
    Applicant: McAfee, Inc.
    Inventors: Greg W. Dalcher, Koichi Yamada, Palanivel Rajan Shanmugavelayutham, Jitendra P. Singh