Cryptography – Cryptanalysis
Patent
1994-04-12
1996-11-05
Tarcza, Thomas H.
Cryptography
Cryptanalysis
380 49, 380 23, 380 24, 380 25, 395186, G11B 328, H04L 900, H04K 100
Patent
active
055725902
ABSTRACT:
The present system and method uses information about digital information (objects) to determine whether or not changes to the objects were caused by a normal system operation or by a malicious program. The invention uses a reference separation algorithm to separate, at a reference time, one or more digital objects into a plurality of reference subsets of information that describe the object contents. A plurality of these reference subsets are then selected by a selection algorithm and information associated with each selected reference subset is stored. At some later time, called the test time, a test separation algorithm is used to separate the digital signatures of the object into a plurality of test subsets of information that describe the object contents at test time. A plurality of these test subsets are then selected by the test selection algorithm. A test information algorithm that is associated with each selected test subset then develops test subset information about the respective a test subset. The test subset information and the reference subset information is then compared to develop a set of differences. Rules are applied to the set of differences to determine whether the digital information at test time was changed (maliciously) from the digital information at reference time.
REFERENCES:
patent: 4796181 (1989-01-01), Wiedemer
patent: 4796220 (1989-01-01), Wolfe
patent: 4881264 (1989-11-01), Merkle
patent: 4949380 (1990-08-01), Chaum
patent: 4975950 (1990-12-01), Lentz
patent: 4980782 (1990-12-01), Ginkel
patent: 5005200 (1991-04-01), Fischer
patent: 5019899 (1991-05-01), Boles et al.
patent: 5050212 (1991-09-01), Dyson
patent: 5097504 (1992-03-01), Camion et al.
patent: 5121345 (1992-06-01), Lentz
patent: 5144659 (1992-09-01), Jones
patent: 5161192 (1992-11-01), Carter et al.
patent: 5202982 (1993-04-01), Gramlich et al.
patent: 5237678 (1993-08-01), Kuechler et al.
patent: 5274807 (1993-12-01), Hoshen et al.
patent: 5278901 (1994-01-01), Shieh et al.
patent: 5289540 (1994-02-01), Jones
patent: 5297208 (1994-03-01), Schlafly et al.
patent: 5315655 (1994-05-01), Chaplin
patent: 5343530 (1994-08-01), Viricel
patent: 5349655 (1994-09-01), Mann
patent: 5367573 (1994-11-01), Quimby
patent: 5379342 (1995-01-01), Arnold et al.
patent: 5379343 (1995-01-01), Grube et al.
patent: 5386470 (1995-01-01), Carter et al.
patent: 5408642 (1995-04-01), Mann
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5442699 (1995-08-01), Arnold et al.
patent: 5448668 (1995-09-01), Perelson et al.
patent: 5452442 (1995-09-01), Kephart
patent: 5455941 (1995-10-01), Okuno et al.
patent: 5473769 (1995-12-01), Cozza
patent: 5485575 (1996-01-01), Chess et al.
patent: 5502815 (1996-03-01), Cozza
Steves, D. H., "Trojan Horse and Virus Detection Using Real Time Auditing", IBM TDB n7b Dec. 1991 pp. 78-81 (Austin).
Arnold, W. C., Chess, D. M. "System for Detecting Undesired Alteration of Software", IBM TDB n11 Apr. 1990 pp. 48-50.
Drumheller Ronald L.
International Business Machines - Corporation
Percello Louis J.
Sayadian Hrayr A.
Tarcza Thomas H.
LandOfFree
Discrimination of malicious changes to digital information using does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Discrimination of malicious changes to digital information using, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Discrimination of malicious changes to digital information using will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2021368