Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2006-12-26
2006-12-26
Moazzami, Nasser (Department: 2136)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C709S223000, C709S246000, C709S203000, C713S002000, C713S164000, C713S165000, C713S167000, C726S022000, C726S023000, C726S024000
Reexamination Certificate
active
07155742
ABSTRACT:
Methods, apparati and computer readable media for countering malicious code infections that spread from a first computer to a second computer. A searching module (51) searches for a communications module (20) within the first computer (1(1)). An examining module (52) examines a function location directory (27) within the communications module (20). A locating module (53) locates a send function within the function location directory (27). A declaring module (54) declares the presence of malicious code when the function location directory (27) states that the send function is slated to start executing at a non-normal location.
REFERENCES:
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5452442 (1995-09-01), Kephart
patent: 5473769 (1995-12-01), Cozza
patent: 5572590 (1996-11-01), Chess
patent: 5598531 (1997-01-01), Hill
patent: 5696822 (1997-12-01), Nachenberg
patent: 5715174 (1998-02-01), Cotichini et al.
patent: 5715464 (1998-02-01), Crump et al.
patent: 5758359 (1998-05-01), Saxon
patent: 5802178 (1998-09-01), Holden et al.
patent: 5812763 (1998-09-01), Teng
patent: 5889943 (1999-03-01), Ji et al.
patent: 5951698 (1999-09-01), Chen et al.
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5960170 (1999-09-01), Chen et al.
patent: 5978917 (1999-11-01), Chi
patent: 5987610 (1999-11-01), Franczek et al.
patent: 6052709 (2000-04-01), Paul et al.
patent: 6070244 (2000-05-01), Orchier et al.
patent: 6072830 (2000-06-01), Proctor et al.
patent: 6088803 (2000-07-01), Tso et al.
patent: 6094731 (2000-07-01), Waldin et al.
patent: 6104872 (2000-08-01), Kubota et al.
patent: 6108799 (2000-08-01), Boulay et al.
patent: 6167434 (2000-12-01), Pang
patent: 6192379 (2001-02-01), Bekenn
patent: 6199181 (2001-03-01), Rechef et al.
patent: 6275938 (2001-08-01), Bond et al.
patent: 6338141 (2002-01-01), Wells
patent: 6357008 (2002-03-01), Nachenberg
patent: 6370648 (2002-04-01), Diep
patent: 6493007 (2002-12-01), Pang
patent: 6535891 (2003-03-01), Fisher et al.
patent: 6552814 (2003-04-01), Okimoto et al.
patent: 6611925 (2003-08-01), Spears
patent: 6622150 (2003-09-01), Kouznetsov et al.
patent: 6678734 (2004-01-01), Haatainen et al.
patent: 6697950 (2004-02-01), Ko
patent: 6721721 (2004-04-01), Bates et al.
patent: 6748534 (2004-06-01), Gryaznov et al.
patent: 6763462 (2004-07-01), Marsh
patent: 6813712 (2004-11-01), Luke
patent: 6851057 (2005-02-01), Nachenberg
patent: 6910134 (2005-06-01), Maher et al.
patent: 2002/0004908 (2002-01-01), Galea
patent: 2002/0035696 (2002-03-01), Thacker
patent: 2002/0046275 (2002-04-01), Crosbie et al.
patent: 2002/0083175 (2002-06-01), Afek et al.
patent: 2002/0091940 (2002-07-01), Wellborn et al.
patent: 2002/0157008 (2002-10-01), Radatti
patent: 2002/0162015 (2002-10-01), Tang
patent: 2002/0178374 (2002-11-01), Swimmer et al.
patent: 2003/0023865 (2003-01-01), Cowie et al.
patent: 2003/0051026 (2003-03-01), Carter et al.
patent: 2003/0065926 (2003-04-01), Schultz et al.
patent: 2003/0115485 (2003-06-01), Milliken
patent: 2003/0120951 (2003-06-01), Gartside et al.
patent: 2003/0126449 (2003-07-01), Kelly et al.
patent: 2003/0140049 (2003-07-01), Radatti
patent: 2003/0191966 (2003-10-01), Gleichauf
patent: 2003/0212902 (2003-11-01), van der Made
patent: 2003/0236995 (2003-12-01), Fretwell, Jr.
patent: 2004/0015712 (2004-01-01), Szor
patent: 2004/0015726 (2004-01-01), Szor
patent: 2004/0030913 (2004-02-01), Liang et al.
patent: 2004/0158730 (2004-08-01), Sarkar
patent: 2004/0162808 (2004-08-01), Margolus et al.
patent: 2004/0181687 (2004-09-01), Nachenberg et al.
patent: 2005/0021740 (2005-01-01), Bar et al.
patent: 2005/0044406 (2005-02-01), Stute
patent: 2005/0132205 (2005-06-01), Palliyil et al.
patent: 2005/0177736 (2005-08-01), De los Santos et al.
patent: 2005/0204150 (2005-09-01), Peikari
patent: 2006/0064755 (2006-03-01), Azadet et al.
patent: 100 21 686 (2001-11-01), None
patent: 1 280 039 (2003-01-01), None
patent: 2 364 142 (2002-01-01), None
patent: WO 97/39399 (1997-10-01), None
patent: WO 01/91403 (2001-11-01), None
patent: WO 02/05072 (2002-01-01), None
Vasudevan, A., et al, ‘SPiKE: Engineering Malware Analysis Tools using Unobtrusive Binary-Instrumentation’, Austrailian Computer Society, 2006, Dept of CS & Engineering, Univ of Texas at Arlington, entire document, http://crpit.com/confpapers/CRPITV48Vasudevan.pdf.
Bakos et al., “Early Detection of Internet Work Activity by Metering ICMP Destination Unreachable Activity.”, Proc. Of SPIE Conference on Sensors, and Command, Control, Communications and Intelligence, Orlando, Apr. 2002.
Toth, et al “Connection-history based anomaly detection” Proceedings of the 2002 IEEE Workshop on Information Assurance and Security. West Point, NY, Jun. 17-19, 2002. pp. 30-35.
Kephart, Jeffrey et al., “An Immune System For Cyberspace” IBM Thomas J. Watson Research Center, IEEE 1997, pp. 879-884.
Szor, P. and Ferrie, P., “Hunting for Metamorphic”, Virus Bulletin Conference, Sep. 2001, Virus Bulletin Ltd., The Pentagon, Abingdon, Oxfordshire, England, pp. 123-144.
News Release—Symantec Delivers Cutting-Edge Anti-Virus Technology with Striker32, Oct. 1, 1999, 2 pages, [online]. Retrieved on Nov. 11, 2003. Retrieved from the Internet:<URL:http://www.symantec.com/press/1999
991001.html>. Author unknown.
Von Babo, Michael, “Zehn Mythen um Computerviren: Dichtung and Wahrheit über den Schrecken des Informatikzeitalters,” Technische Rundschau, Hallwag, Bern, Switzerland, vol. 84, No. 36. Sep. 4, 1992, pp. 44-47.
Delio, M., “Virus Throttle a Hopeful Defense”, Wired News, retrieved from Internet Http://www.wired.com
ews/print/0,1294,56753,00.html Jan. 7, 2003.
“System File Protection and Windows ME”, [online], last updated Dec. 4, 2001, [retrieved on Apr. 9, 2002] Retrieved from the Internet: <URL: http://www.Microsoft.com/hwdev/archive/sfp/winME—sfpP.asp>.
“Description of Windows 2000 Windows File Protection Feature (Q222193)”, [online], first published May 26, 1999, last modified Jan. 12, 2002, [retrieved on Apr. 9, 2002] Retrieved from the Internet <URL: http://support.microsoft.com/default.aspx?scid=kb:EN-US;q222193>.
“Software: Windows ME; Windows ME and System File Protection”, [online] last updated Mar. 11, 2002, [retrieved on Apr. 9, 2002] Retrieved from the Internet: <URL: http//www.wackyb.co.nz/mesfp.html>.
Szor, P., “Memory Scanning Under Windows NT”, Virus Bulletin Conference, Sep. 1999, Virus Bulletin Ltd., The Pentagon, Abingdon, Oxfordshire, England, pp. 1-22.
Symantec Corporation “Norton AntiVirus Corporation Edition 7.0” Manual, 1999, Version 1, 44 pages.
Peter Szor, “Attacks on Win32”,Virus Bulletin Conference Proceedings, Oct. 1988, pp. 57-84, Virus Bulletin Ltd, The Pentagon, Abingdon, Oxfordshire, England.
Peter Szor, “Attacks on Win32—Part II”,Virus Bulletin Conference Proceedings, Sep. 2000, pp. 47-68, Virus Bulletin Ltd, The Pentagon, Abingdon, Oxfordshire, England.
Baum Ronald
Fenwick & West LLP
Moazzami Nasser
Symantec Corporation
LandOfFree
Countering infections to communications modules does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Countering infections to communications modules, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Countering infections to communications modules will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3718255