公开(公告)号：US20240289452A1

公开(公告)日：2024-08-29

申请号：US18560807

申请日：2021-07-23

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Vivek Srivastava ,  Tobias Edward Sebastian Gray ,  Ratnesh Kumar Pandey

IPC: G06F21/56 ,  G06F9/455

CPC classification number: G06F21/56 ,  G06F9/45558 ,  G06F2009/45587 ,  G06F2221/034

Abstract: An example storage medium stores instructions that, when executed, cause a processor of a computing device to receive an indication associated with a first virtual machine, the first virtual machine containing a first application, the indication indicating that a first operation in the first virtual machine is to use a second application; receive information associated with a second virtual machine, the second virtual machine created in response to the first operation and containing the second application; store information describing a chain of virtual machines, the chain of virtual machines including the first and second virtual machines, the stored information including a relationship between the first virtual machine and the second virtual machine, based on the received indication and the received information; and in response to an identification of malware in the chain of virtual machines, identify a particular virtual machine in the chain of virtual machines that is in a kill chain of the malware based on the stored information.

公开(公告)号：US20240126882A1

公开(公告)日：2024-04-18

申请号：US18547398

申请日：2021-03-11

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： James Edwin Garnett Wright ,  Ratnesh Kumar Pandey ,  David Jonathan Mansergh

IPC: G06F21/56 ,  G06F9/455

CPC classification number: G06F21/566 ,  G06F9/45558 ,  G06F21/568 ,  G06F2009/45587 ,  G06F2221/034

Abstract: An example storage medium includes instructions that, when executed, cause a processor of a computing device to encrypt a source file that has been identified as potentially malicious, place the encrypted file in a location accessible to a virtual machine, provide, to the virtual machine, information for decrypting the encrypted file, and cause the virtual machine to use the information to process the encrypted file.

公开(公告)号：US20240070276A1

公开(公告)日：2024-02-29

申请号：US18261324

申请日：2021-02-08

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Tobias Edward Sebastian Gray ,  Ratnesh Kumar Pandey

IPC: G06F21/56 ,  G06F21/57

CPC classification number: G06F21/566 ,  G06F21/564 ,  G06F21/577

Abstract: An example non-transitory computer readable storage medium comprises instructions that when executed cause a processor of an electronic device to: in response to detecting a malware scan trigger associated with a file, determine a combined risk score associated with the file based on metadata of the file and a source of the malware scan trigger, where the source includes a file access interceptor, a file write observer, and a file indexer; determine a scan priority based on the combined risk score; and perform a malware scan on the file based on the scan priority.