Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2007-05-04
2011-12-27
Lemma, Samson (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
C726S025000
Reexamination Certificate
active
08087079
ABSTRACT:
A method for scanning files for security, including receiving an unfamiliar file for scanning, if the determining indicates that the mime type is suitable for analysis, then processing a buffer of file data from the unfamiliar file, including generating a histogram of frequencies of occurrence of bytes within a buffer of file data from the unfamiliar file, excluding a designated set of bytes, and if the generated histogram of frequencies of occurrence of the non-excluded bytes deviates substantially from a reference distribution, then signaling that the unfamiliar file is potentially malicious. A system and a computer-readable storage medium are also described and claimed.
REFERENCES:
patent: 6971019 (2005-11-01), Nachenberg
patent: 7657935 (2010-02-01), Stolfo et al.
patent: 2004/0111632 (2004-06-01), Halperin
patent: 2005/0177737 (2005-08-01), Takeda et al.
patent: 2005/0281291 (2005-12-01), Stolfo et al.
patent: 2006/0015630 (2006-01-01), Stolfo et al.
patent: 2006/0026675 (2006-02-01), Cai et al.
patent: 2007/0280114 (2007-12-01), Chao et al.
Stolfo, Salvatore J., Wang, Ke and Li, Wei Jen, Towards Stealthy Malware Detection http://www.thc.org/root/docs/intrusion—detection/hids/Toward%20Stealthy%20Malware%20Detectio.
Stolfo, Salvatore J., Wang, Ke and Li, Wei Jen, Fileprint Analysis for Malware Detection http://www1.cs.columbia.edu/˜w1318/papers/wormpaper2005.pdf, Jun. 19, 2005.
Abou-Assaleh, Tony, Cercone, Nick, Kesselj, Vlado and Swiedan, Ray, N-gram-based Detection of New Malicious Code, IEEE Proceedings of the 28th Annual International COMPSAC '04, 2004.
Bey Dawn-Marie
Finjan, Inc.
King & Spalding LLP
Lemma Samson
LandOfFree
Byte-distribution analysis of file security does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Byte-distribution analysis of file security, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Byte-distribution analysis of file security will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4301370