Resumes
Resumes
Adrian Stepan Phones & Addresses
-
2706 142Nd Pl NE, Bellevue, WA 98007
-
14641 31St St, Bellevue, WA 98007
-
14641 NE 31St St APT D8, Bellevue, WA 98007
-
4306 156Th Ave, Redmond, WA 98052
-
Kiona, WA
Publications
Us Patents
Proactive Computer Malware Protection Through Dynamic Translation
View pageUS Patent:
20060123244, Jun 8, 2006
Filed:
Dec 6, 2004
Appl. No.:
11/005000
Inventors:
Gheorghe Gheorghescu - Redmond WA, US
Adrian Marinescu - Sammamish WA, US
Adrian Stepan - Redmond WA, US
Adrian Marinescu - Sammamish WA, US
Adrian Stepan - Redmond WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
H04L 9/32
US Classification:
713188000
Abstract:
The present invention includes a system and method for translating potential malware devices into safe program code. The potential malware is translated from any one of a number of different types of source languages, including, but not limited to, native CPU program code, platform independent .NET byte code, scripting program code, and the like. Then the translated program code is compiled into program code that may be understood and executed by the native CPU. Before and/or during execution, the present invention causes a scanner to search for potential malware stored in memory. If malware is not detected, the computing device causes the CPU to execute the translated program code. However, execution and/or analysis of potential malware may be interrupted if computer memory that stores potential malware is altered during execution. In this instance, the potential malware now stored in memory is translated into safe program code before being executed.
Emulating Mixed-Code Programs Using A Virtual Machine Instance
View pageUS Patent:
20120290848, Nov 15, 2012
Filed:
May 12, 2011
Appl. No.:
13/106724
Inventors:
Xun Wang - Sammamish WA, US
Adrian Emil Stepan - Bellevue WA, US
Timothy David Ebringer - Richmond, AU
Adrian Emil Stepan - Bellevue WA, US
Timothy David Ebringer - Richmond, AU
Assignee:
MICROSOFT CORPORATION - Redmond WA
International Classification:
G06F 11/00
G06F 21/00
G06F 9/455
G06F 21/00
G06F 9/455
US Classification:
713188, 703 26, 726 24
Abstract:
The subject disclosure is directed towards a technology for efficiently emulating program code that is protected by one or more various code virtualization techniques to detect the presence of malware. An emulation engine emulates a program containing a mix of native code, custom (e.g., virtualized obfuscated) code, and at least one emulator and/or interpreter that understands the custom code, by building a custom emulation component that is built by detecting and analyzing the internal emulator or interpreter. The custom emulation component may access a translation table built from the analysis, and also may simplify a plurality of instructions in the program into a lesser number of instructions in an intermediate language used for emulation.
Emulating Mixed-Code Programs Using A Virtual Machine Instance
View pageUS Patent:
20150205626, Jul 23, 2015
Filed:
Mar 27, 2015
Appl. No.:
14/670895
Inventors:
- Redmond WA, US
Adrian Emil Stepan - Bellevue WA, US
Timothy David Ebringer - Richmond, AU
Adrian Emil Stepan - Bellevue WA, US
Timothy David Ebringer - Richmond, AU
International Classification:
G06F 9/455
Abstract:
The subject disclosure is directed towards a technology for efficiently emulating program code that is protected by one or more various code virtualization techniques to detect the presence of malware. An emulation engine emulates a program containing a mix of native code, custom (e.g., virtualized obfuscated) code, and at least one emulator and/or interpreter that understands the custom code, by building a custom emulation component that is built by detecting and analyzing the internal emulator or interpreter. The custom emulation component may access a translation table built from the analysis, and also may simplify a plurality of instructions in the program into a lesser number of instructions in an intermediate language used for emulation.