Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2005-03-30
2009-10-13
Smithers, Matthew B (Department: 2437)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C726S022000
Reexamination Certificate
active
07603715
ABSTRACT:
One aspect of the invention is a vulnerability detection mechanism that can detect a large class of attacks through dynamic dataflow analysis. Another aspect of the invention includes self-certifying alerts as the basis for safely sharing knowledge about worms. Another aspect of the invention is a resilient and self-organizing protocol to propagate alerts to all non-infected nodes in a timely fashion, even when under active attack during a worm outbreak. Another aspect of the invention is a system architecture that enables a large number of mutually untrusting computers to collaborate in the task of stopping a previously unknown worm, even when the worm is spreading rapidly and exploiting unknown vulnerabilities in popular software packages.
REFERENCES:
patent: 5978475 (1999-11-01), Schneier et al.
patent: 6393568 (2002-05-01), Ranger et al.
patent: 7334262 (2008-02-01), Szor
patent: 7418729 (2008-08-01), Szor
patent: 2002/0144149 (2002-10-01), Hanna et al.
patent: 2002/0178375 (2002-11-01), Whittaker et al.
patent: 2002/0199120 (2002-12-01), Schmidt
patent: 2003/0014667 (2003-01-01), Kolichtchak
patent: 2003/0105973 (2003-06-01), Liang et al.
patent: 2004/0015719 (2004-01-01), Lee et al.
patent: 2004/0158725 (2004-08-01), Szor et al.
patent: 2004/0250124 (2004-12-01), Chesla et al.
patent: 2005/0251862 (2005-11-01), Talvitie
patent: 2006/0161813 (2006-07-01), Largman et al.
patent: 2008/0209562 (2008-08-01), Szor
patent: WO 03003207 (2003-01-01), None
patent: WO 03021402 (2003-03-01), None
patent: WO 03096607 (2003-11-01), None
Castro et al., “Secure routing for structured P2P overlay networks,” 5th Usenix Symp. On Operating System Design and Implementation, Dec. 2002, pp. 299-314.
Costa et al., “Can We Contain Internet Worms,” MSR-TR-2004-83, http://research.microsoft.com/research/pubs/view.aspx?tr—id=788, Aug. 2004, pp. 1-7.
Dabek et al., “Towards a Common API for Structured Peer-to-Peer Overlays,” 2nd Int'l Workshop on P2P Systems, Feb. 2003, pp. 33-44.
Dunlap et al., “Revirt: enabling intrusion analysis through virtual-machine logging and replay,” Operating Syst. Design and Implementation, Boston, Massachusetts, Dec. 2002.
Elnozahy et al., “A survey of rollback-recovery protocols in message passing systems,” ACM Computing Surveys, vol. 32, No. 3, Sep. 2002, pp. 375-408.
Necula et al., “Safe Kernel Extensions Wihtout Run-Time Chekcing,” 2nd Symp. On Operation System Design and Implementation, Oct. 1996, pp. 229-243.
Wilander et al., A Comparison of publicaly Available Tools for Dynamic Buffer Overflow Prevention, 10th Network and Distributed Sys. Security Symp., Feb. 2003, pp. 123-130.
“Solutions for Academic Institutions,” http://www.netservers.co.uk/academic.html.
“A Network Monitoring Tool for Security—Nerd,” http://www.terena.nl/tech/task-forces/tf-csirt/meeting10/NERD-coolen.pdf,. Sep. 25, 2003, pp. 1-10.
“MicroWorld Launches a Revolutionary Concept to Tackle the Content Security Threats,” http://microworldtechnologies.com/antivirus/mwl1.asp.
Huang et al., “Web Application Security Assessment by Fault Injection and Behavior Monitoring,” 12thInt''l Conf. World Wide Web, May 21-25, 2003, Budapest, Hungary, pp. 148-159.
Castro Miguel
Costa Manuel
Crowcroft Jon
Rowstron Antony
Microsoft Corporation
Smithers Matthew B
Turk IP Law, LLC
LandOfFree
Containment of worms does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Containment of worms, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Containment of worms will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4102899