Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2007-06-19
2007-06-19
Sheikh, Ayaz (Department: 2131)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C713S188000, C703S023000, C703S026000
Reexamination Certificate
active
09946505
ABSTRACT:
Virus fingerprint data is automatically generated for use in detecting computer viruses and virus removal data for use in removing computer viruses from infected files. The fingerprint generation technique serves to identify the infected virus carrying portions of a computer file and then search within those portions for matching blocks of bytes in excess of a certain size that are consistently located at a predetermined position within the infected computer file such that they may be used to reliably detect that computer virus when it is infecting different host computer files. The removal data generation mechanism serves to search the infected computer file against a clean version of that computer file to identify matching blocks. Critical data missing within the infected computer file may be found within the virus carrying portions by the application of various decryption techniques. Cutting points to remove the virus carrying portions are identified. The fingerprint data and the removal data are tested on pairs of clean and infected computer files to verify that they operate correctly.
REFERENCES:
patent: 5349655 (1994-09-01), Mann
patent: 5398196 (1995-03-01), Chambers
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5485575 (1996-01-01), Chess et al.
patent: 5696822 (1997-12-01), Nachenberg
patent: 5854916 (1998-12-01), Nachenberg
patent: 6338141 (2002-01-01), Wells
patent: 6357008 (2002-03-01), Nachenberg
patent: 6851057 (2005-02-01), Nachenberg
patent: 6907396 (2005-06-01), Muttik et al.
patent: 6976271 (2005-12-01), Le Pennec et al.
patent: 6981279 (2005-12-01), Arnold et al.
patent: 6983486 (2006-01-01), Hanchett
Kephart, Jeffrey O., Gregory B. Sorkin, Morton Swimmer, and Steve R. White. “Blueprint for a Computer Immune System.” Proceedings of the 1997 International Virus Bulletin Conference, San Francisco, California, 1997. URL:www.research.ibm.com/antivirus/SciPapers/Kephart/VB97, accessed Mar. 22, 2007.
Jeffrey 0. Kephart and William C, “Arnold. Automatic Extraction of Computer Virus Signatures”, 4th Virus Bulletin International Conference, pp. 178-184, 1994.
Gryaznov Dmitry Olegovich
Peternev Viatcheslav Nikolaevich
Teblyashkin Ivan Alexandrovich
Hamaty Christopher J.
Henning Matthew
McAfee, Inc.
Sheikh Ayaz
Zilka-Kotab, PC
LandOfFree
Automatic builder of detection and cleaning routines for... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Automatic builder of detection and cleaning routines for..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Automatic builder of detection and cleaning routines for... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3837835