公开(公告)号：US10419486B1

公开(公告)日：2019-09-17

申请号：US15290979

申请日：2016-10-11

申请人： The MITRE Corporation

发明人： Joseph Portner ,  Colin Courtney ,  David Bryson ,  Sarah Ford ,  Collin McRae

IPC分类号： H04L29/00 ,  H04L29/06 ,  G06F8/65

摘要： Systems and methods for managing and implementing secure runtime software hooking on devices are provided. The system and method disclosed includes components and features that enable enterprises and organizations to securely manage mobile devices that have access to the organization's data and network resources. Various embodiments provide for secure systems and methods to modify a behavior of an operating system or one or more applications, without having to flash or modify the Read-only Memory (ROM).

公开(公告)号：US11080399B2

公开(公告)日：2021-08-03

申请号：US16720811

申请日：2019-12-19

申请人： The MITRE Corporation

发明人： David Keppler ,  Ivan Lozano ,  Joseph Portner ,  Andrew Pyles ,  Christina L. Johns ,  David Bryson

IPC分类号： G06F21/56 ,  H04L29/06 ,  G06F21/55 ,  G06F21/57

摘要： A system and method for implementing a software emulation environment is provided. In one example, a mobile application can interface with an emulation environment that can be used to test whether the mobile application includes malware that can compromise the security and integrity of an enterprise's computing infrastructure. When the mobile application issues a call for data, a device mimic module can intercept the call and determine if the call includes a call for one or more checkable artifacts that can reveal the existence of the emulation environment. If such a call for data occurs, the device mimic module can provide one or more spoofed checkable artifacts that have been recorded from a real-world mobile device. In this way, the existence of the emulation environment can be concealed so as to allow for a more thorough analysis of a mobile application for potential hidden malware.

公开(公告)号：US10528734B2

公开(公告)日：2020-01-07

申请号：US15081280

申请日：2016-03-25

申请人： The MITRE Corporation

发明人： David Keppler ,  Ivan Lozano ,  Joseph Portner ,  Andrew Pyles ,  Christina L. Johns ,  David Bryson

IPC分类号： G06F21/56 ,  H04L29/06 ,  G06F21/55 ,  G06F21/57

摘要： A system and method for implementing a software emulation environment is provided. In one example, a mobile application can interface with an emulation environment that can be used to test whether the mobile application includes malware that can compromise the security and integrity of an enterprise's computing infrastructure. When the mobile application issues a call for data, a device mimic module can intercept the call and determine if the call includes a call for one or more checkable artifacts that can reveal the existence of the emulation environment. If such a call for data occurs, the device mimic module can provide one or more spoofed checkable artifacts that have been recorded from a real-world mobile device. In this way, the existence of the emulation environment can be concealed so as to allow for a more thorough analysis of a mobile application for potential hidden malware.