Detecting dissemination of malicious programs

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C713S188000, C726S022000, C726S023000

Reexamination Certificate

active

07140041

ABSTRACT:
A method, system and computer program product for detecting the dissemination of malicious programs. The degree of randomness in the Internet Protocol (IP) destination addresses of received IP packets to be forwarded to an external network may be detected by performing a hash function on the IP destination addresses thereby generating one or more different hash values. If a high number of different hash values were generated for a small number of IP packets examined, then random IP destination addresses may be detected. By detecting random destination IP addresses, the dissemination of a malicious program, e.g., virus, worm program, may be detected.

REFERENCES:
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5825750 (1998-10-01), Thompson
patent: 5958053 (1999-09-01), Denker
patent: 6009475 (1999-12-01), Shrader
patent: 6016546 (2000-01-01), Kephart et al.
patent: 6119236 (2000-09-01), Shipley
patent: 6182226 (2001-01-01), Reid et al.
patent: 6185680 (2001-02-01), Shimbo et al.
patent: 6304975 (2001-10-01), Shipley
patent: 6389419 (2002-05-01), Wong et al.
patent: 6487666 (2002-11-01), Shanklin et al.
patent: 6519703 (2003-02-01), Joyce
patent: 7017185 (2006-03-01), Wiley et al.
patent: 2002/0032871 (2002-03-01), Malan et al.
patent: 2002/0035683 (2002-03-01), Kaashoek et al.
patent: 2002/0095492 (2002-07-01), Kaashoek et al.
patent: 2002/0103916 (2002-08-01), Chen et al.
patent: 2002/0157020 (2002-10-01), Royer
patent: 2002/0166063 (2002-11-01), Lachman et al.
patent: 2002/0199109 (2002-12-01), Boom
patent: 2003/0009693 (2003-01-01), Brock et al.
patent: 2003/0061514 (2003-03-01), Bardsley et al.
patent: 2003/0084344 (2003-05-01), Tarquini et al.
patent: 2003/0115485 (2003-06-01), Milliken
patent: 2003/0135758 (2003-07-01), Turner
patent: 2003/0145225 (2003-07-01), Bruton et al.
patent: 2003/0212903 (2003-11-01), Porras et al.
patent: 2004/0003116 (2004-01-01), Munger et al.
patent: 2004/0221191 (2004-11-01), Porras et al.
patent: 1122932 (2001-08-01), None
patent: WO9948303 (1999-09-01), None
Loudon, Kyle. “Mastering Algorithms with C”, Aug. 1999, Published by O'Reilly & Associates, Inc., chapters 8 and 12.17-12.20.
Ye et al. Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data. In IEEE Transactions on Systems, Man, and Cybernetics-Part A, vol. 31, No. 4, Jul. 2001.
Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, and D. Zerkle. GrIDS—a graph based intrusion detection system for large networks. In Proceedings of the 19th National Information Systems Security Conf.
“Automated Program Analysis for Computer Virus Detection,”IBM Technical Disclosure Bulletin, vol. 34, No. 2, Jul. 1991, pp. 415-416.
Shiuhpyng Winston Shieh et al. “A Pattern-Oriented Intrusion-Detection Model and Its Applications,”IEEE, 19991, pp. 327-342.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Detecting dissemination of malicious programs does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Detecting dissemination of malicious programs, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting dissemination of malicious programs will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-3693091

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.