Patent
1996-11-27
1998-12-29
Teska, Kevin J.
G06F 9455
Patent
active
058549161
ABSTRACT:
A computer-implemented method for executing a computer file in a CPU emulator (154) to detect a computer virus. The method includes simulating (302) the execution of a predetermined number of instructions of the computer file in the CPU emulator (154), suspending (303) the execution, constructing (304) a state record, temporarily storing (305) the state record in memory, comparing (306) the constructed state record to state records stored in a state cache (158), and indicating (308) that the file is virus free when the constructed state record matches one of the stored state records.
REFERENCES:
patent: 4975950 (1990-12-01), Lentz
patent: 5121345 (1992-06-01), Lentz
patent: 5144660 (1992-09-01), Rose
patent: 5319776 (1994-06-01), Hile et al.
patent: 5321840 (1994-06-01), Ahlin et al.
patent: 5349655 (1994-09-01), Mann
patent: 5359659 (1994-10-01), Rosenthal
patent: 5398196 (1995-03-01), Chambers
patent: 5408642 (1995-04-01), Mann
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5442699 (1995-08-01), Arnold et al.
patent: 5452442 (1995-09-01), Kephart
patent: 5485575 (1996-01-01), Chess et al.
Gotlieb, L., "End Users and Responsible Computing", CMA--the Management Accounting Magazine, vol. 67, No. 7, Sep. 1993, p. 13.
Karney, J., "Changing the Rules on Viruses", PC Magazine, vol. 13, No. 14, Aug. 1994, p. NE36.
Schnaidt, P., "Security", LAN Magazine, vol. 7, No. 3, Mar. 1992, p. 19.
"UK-Sophos Intros Unix Virus Detection Software 1/26/95", Newsbytes News Network, Jan. 26, 1995.
"Anti-virus Company Claims Polymorphic Breakthrough 7/10/92", Newsbytes News Network, Jul. 10, 1992.
"LAN Buyers Guide: Network Management", LAN Magazine, vol. 7, No. 8, Aug. 1992, p. 188.
Veldman, Frans, "Virus Writing Is High-Tech Infosecurity Warfare", Security on the I-Way '95, 1995, pp. L-1-L-16, U.S.A.
Symantec Corporation, "Norton AntiVirus for Windows 95 & Special Subscription Offer", 1995, U.S.A.
ThunderBYTE B.V., "User Manual", 1995, pp. i-191, Wijchen, The Netherlands.
"Virus Infection Techniques: Part 3", Virus Bulletin,1995, pp. 006-007, Oxfordshire, England.
Cohen, Frederick B., "A Short Course on Computer Viruses--2d Ed.", John Wiley & Sons, Inc., pp. 54-55, 199-209, 1994, U.S.A.
Veldman, Frans, "Heuristic Anti-Virus Technology", Proceedings of the International Virus Protection and Information Security Conference, Apr. 1, 1994.
Wells, Joseph, "Viruses in the Wild", Proceedings of the International Virus Protection and Information Society Conference, Apr. 1, 1994.
Gordon, Scott, "Viruses & Netware", Proceedings of the International Virus Protection and Information Security Conference, Mar. 31, 1994.
Solomon, Alan, "Viruses & Polymorphism", Proceedings of the International Virus Protection and Information Security Conference, Mar. 31, 1994.
Case, Tori, "Viruses: An Executive Brief", Proceedings of the International Virus Protection and Information Security Conference, Mar. 31, 1994.
Skulason, Fridrik, "For Programmers", Virus Bulletin, Jul. 1990, pp. 10-11, Oxon, England.
Digitext, "Dr. Solomon's Anti-Virus Toolkit for Windows and DOS", S&S International PLC,Jan. 1995, pp. 1-15, 47-65, 75-77, 91-95, 113-115, and 123-142, United Kingdom.
"Automated Program Analysis for Computer Virus Detection", IBM Technical Disclosure Bulletin, vol. 34, No. 2, Jul. 1991, pp. 415-416.
"Artificial Immunity for Personal Computers", IBM Technical Disclosure Bulletin, vol. 34, No. 2, Jul. 1991, pp. 150-154.
Marshall, G., "Pest Control", LAN Magazine, Jun. 1995, pp. 55-67.
A Model for Detecting the Existence of Software Corruption in Real Time; Jeffrey M. Voas, Jeffery E. Payne, Frederick B. Cohen, 8246 Computers & Security 12 (1993) May, No. 3, Oxford, GB; XP 000383056; Elsevier Science Publishers Ltd.; pp. 275-283.
A Cryptographic Checksum for Integrity Protection; Fred Cohen, XP 000676891; North-Holland Computers & Security 6 (1987); pp. 505-510.
A New Technique For Detecting Polymorphic Computer Viruses; Carey Stover Nacehnberg; University of California, Los Angeles, 1995; pp. 1-132.
Fiul Dan
Symantec Corporation
Teska Kevin J.
LandOfFree
State-based cache for antivirus software does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with State-based cache for antivirus software, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and State-based cache for antivirus software will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1429968