System Call Vectorization

David Tolpin (Inventor), Michael Dymshits (Inventor)

Research output: Patent

Abstract

The systems and methods that detect malware from count vectors are provided. A count vector having multiple components is generated. The count vector tracks a number and types of system calls generated by a process. Each component in the count vector is mapped to a type of a system call that exists in an operating system. Multiple system calls generated by the process are received over a first time interval. Each system call is mapped to a component in the count vector. The count vectors are aggregated according to a second time interval into a vector packet. The vector packet is transmitted over a network to a malware detection system that uses the count vectors in the vector packet to determine whether the process is a malware process.
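
The collection side of the abstract can be sketched as follows. This is an added example, not code from the patent or its authors: the six-entry syscall table, the interval lengths, the unmapped-call counter, the JSON encoding and the sample events are all assumptions constructed for illustration.

```python
import json
from collections import defaultdict

# Assumed component order: one slot per syscall type (a real OS has hundreds).
SYSCALL_TYPES = ["read", "write", "open", "close", "connect", "execve"]
INDEX = {name: i for i, name in enumerate(SYSCALL_TYPES)}
FIRST_INTERVAL = 1.0   # seconds covered by one count vector (assumed value)
SECOND_INTERVAL = 3.0  # seconds covered by one vector packet (assumed value)

def count_vectors(events):
    """Turn (timestamp, pid, syscall) events into one count vector per
    process per first interval. Returns ({(pid, window): vector}, unmapped)."""
    vectors = defaultdict(lambda: [0] * len(SYSCALL_TYPES))
    unmapped = 0
    for ts, pid, name in events:
        slot = INDEX.get(name)
        if slot is None:
            # A call missing from the table means the table does not cover
            # the OS; count it so the gap is visible instead of silent.
            unmapped += 1
            continue
        vectors[(pid, int(ts // FIRST_INTERVAL))][slot] += 1
    return dict(vectors), unmapped

def vector_packets(vectors):
    """Aggregate count vectors into packets, one per second interval."""
    per_packet = int(SECOND_INTERVAL // FIRST_INTERVAL)
    packets = defaultdict(list)
    for (pid, window), counts in sorted(vectors.items()):
        packets[window // per_packet].append(
            {"pid": pid, "window": window, "counts": counts})
    return dict(packets)

def encode_packet(packet_id, entries):
    """Serialize one packet for transmission (wire format is an assumption)."""
    return json.dumps({"packet": packet_id, "vectors": entries}).encode()

# Constructed sample trace: (seconds since start, pid, syscall name).
EVENTS = [
    (0.1, 100, "open"), (0.2, 100, "read"), (0.3, 100, "read"),
    (0.9, 200, "connect"), (1.4, 100, "write"), (2.5, 200, "execve"),
    (2.6, 200, "ptrace"), (3.2, 100, "close"),
]

if __name__ == "__main__":
    vecs, missed = count_vectors(EVENTS)
    for pid_, entries_ in vector_packets(vecs).items():
        print(encode_packet(pid_, entries_).decode())
    print("unmapped syscalls:", missed)
```

The detection system on the receiving end sees only per-type counts for each window; the order of calls and their arguments are not carried in the vectors.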

Original language: English
Patent number: US2018082060
IPC: G06F 21/56 A I
Priority date: 16/09/16
State: Published - 22 Mar 2018
