Detection of decryption to identify encrypted virus

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Detection of decryption to identify encrypted virus Detection of decryption to identify encrypted virus

: 2001-07-14
: 2008-03-25
: Moise, Emmanuel L. (Department: 2137)
: Information security
: Monitoring or scanning of software or data including attack...
: Intrusion detection

: C713S187000, C713S188000
: Reexamination Certificate
: active
: 07350235
: ABSTRACT:
A method of detecting decryption of encrypted viral code is provided. Executable code in a subject file is emulated by a code emulator. A memory monitor monitors memory access information supplied by the emulator. A memory area that is read during emulation of an instruction in the code is flagged. Modification to the flagged memory area which was read is determined. The memory monitor determines whether a memory region that is contiguous with the modified memory area, and then updates the memory region to encompass the modified memory area. The memory monitor also determines whether the updated memory region is larger than a predetermined size to trigger viral detection. The detection method may be embodied in a computer system, in a computer program (or some unit of code) stored on a computer readable medium, such as a floppy disk, CD, DVD, etc., and/or transmitted via a network, such as the Internet, or another transmission medium.

REFERENCES:
patent: 5765030 (1998-06-01), Nachenberg et al.
patent: 5826013 (1998-10-01), Nachenberg
patent: 5842002 (1998-11-01), Schnurer et al.
patent: 6357008 (2002-03-01), Nachenberg
patent: 6971019 (2005-11-01), Nachenberg
patent: 7069583 (2006-06-01), Yann et al.
patent: 7069589 (2006-06-01), Schmall et al.
patent: 7210040 (2007-04-01), Jordan
patent: 2002/0073330 (2002-06-01), Chandnani et al.
patent: 2002/0083334 (2002-06-01), Rogers et al.
patent: 2002/0091934 (2002-07-01), Jordan

Affiliated with

Jordan Myles

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

Baker & Botts L.L.P.

Law Firm

[ 0.00 ] – not rated yet Voters 0 Comments 0

Computer Associates Think Inc.

Corporate Assignee

[ 0.00 ] – not rated yet Voters 0 Comments 0

Moise Emmanuel L.

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Pyzocha Michael

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Detection of decryption to identify encrypted virus does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detection of decryption to identify encrypted virus, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detection of decryption to identify encrypted virus will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-3979578

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure