Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Patent
1996-02-09
2000-05-23
Teska, Kevin J.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
713200, G06F 1520
Patent
active
060674105
ABSTRACT:
An emulation repair system (200) restores virus-infected computer files (220) to their uninfected states without risk of infecting the rest of the computer system (202), by providing a virtual machine (216) for emulating the virus-infected computer file (220), a foundation module (240) including generic, machine language repair routines (242), and a virus specific overlay module (262). Emulation repair system (200) receives the identity of the infected computer file (220) and the infecting virus (224) from a virus scanning module, and uses the received information to access a virus definition (232) that includes decryption information on the identified virus (224). The infected computer file (220) is emulated in the virtual machine (216) until it is determined from comparison with the decryption information that the virus (224) is fully decrypted. The foundation and overlay modules (240, 262) are then loaded into the virtual machine (216) and control of the virtual machine (216) is given to the overlay module (262). The overlay module (262) calls repair routines in the foundation module (240), the overlay module (262), and the virus itself (224), as necessary, to restore over-written host bytes (228) from the infected host file (220) to their proper locations in the infected host file (220). Repairs made to the image (220") of the host file (220) in the virtual machine (216) are reflected to a back-up file (220') in the computer system (202).
REFERENCES:
patent: 4975950 (1990-12-01), Lentz
patent: 5121345 (1992-06-01), Lentz
patent: 5144660 (1992-09-01), Rose
patent: 5319776 (1994-06-01), Hile et al.
patent: 5321840 (1994-06-01), Ahlin et al.
patent: 5349655 (1994-09-01), Mann
patent: 5359659 (1994-10-01), Rosenthal
patent: 5398196 (1995-03-01), Chambers
patent: 5408642 (1995-04-01), Mann
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5440723 (1995-08-01), Armold et al.
patent: 5442699 (1995-08-01), Arnold et al.
patent: 5485575 (1996-01-01), Chess et al.
patent: 5559960 (1996-09-01), Lettvin
patent: 5613002 (1997-03-01), Kephart et al.
patent: 5623600 (1997-04-01), Ji et al.
"Automated Program Analysis for Computer Virus Detection", IBM Technical Disclosure Bulletin, vol. 34, No. 2, Jul. 1991, pp. 415-416.
"Artificial Immunity for Personal Computers", IBM Technical Disclosure Bulletin, vol. 34, No. 2, Jul. 1991, pp. 150-154.
Marshall, G., "Pest Control", LAN Magazine, Jun. 1995, pp. 54-67.
Digitext, "Dr. Solomon's Anti-Virus Toolkit for Windows and DOS", S&S International PLC, Jan. 1995, pp. 1-15, 47-65, 75-77, 91-95, 113-115, and 123-142, United Kingdom.
Veldman, Frans, "Virus Writing Is High-Tech Infosecurity Warfare", Security on the I-Way '95, 1995, pp. L-1-L-16, U.S.A.
Symantec Corporation, "Norton AntiVirus for Windows 95 & Special Subscription Offer", 1995, U.S.A.
"ThunderBYTE Anti-Virus Utilities User Manual", ThunderBYTE B.V., 1995, pp. i-191, Wijchen, The Netherlands.
"Virus Infection Techniques: Part 3", Virus Bulletin, Jan. 1995, pp. 006-007, Oxfordshire, England.
"UK--Sophos Intros Unix Virus Detection Software Jan. 26, 1995", Newsbytes News Network, Jan. 26, 1995, U.S.A.
Cohen, Frederick B., "A Short Course on Computer Viruses", John Wiley & Sons, Inc., Second Edition, pp. 54-55, 199-209, 1994, U.S.A.
Veldman, Frans, "Heuristic Anti-Virus Technology", Proceedings of the International Virus Protection and Information Security Council, Apr. 1, 1994.
Karney, James, "Changing the Rules on Viruses; Trend Micro Devices Inc.'s PC Rx 4.0 virus Detection Software", PC Magazine, Aug., 1994, vol. 13, No. 14; p. NE36, U.S.A.
Wells, Joseph, "Viruses in the Wild", Proceedings of the International Virus Protection and Information Security Council, Apr. 1, 1994.
Gordon, Scott, "Viruses & Netware", Proceedings of the International Virus Protection and Information Security Council, Mar. 31, 1994.
Solomon, Alan, "Viruses & Polymorphism", Proceedings of the International Virus Protection and Information Security Council, Mar. 31, 1994.
Case, Tori, "Viruses: An Executive Brief", Proceedings of the International Virus Protection and Information Security Council, Mar. 31, 1994.
Gotlieb, Leo, "End users and responsible computing: Information Management", CMA--the Management Accounting Magazine, Sep., 1993, vol. 67, No. 7, p. 13, U.S.A.
"Network Management; LAN Buyers Guide: Network Management; Buyers Guide", LAN Magazine, Aug., 1992, vol. 7; No. 8, p. 188, U.S.A.
"Anti-virus Company Claims Polymorphic Breakthrough Jul. 10, 1992", Newsbytes News Network, Jul. 10, 1992, U.S.A.
Schnaidt, Patricia, "Security; data security issues; Lesson 44; Tutorial", LAN Magazine, Mar., 1992, U.S.A.
Skulason, Fridrik, "For Programmers", Virus Bulletin, Jul. 1990, pp. 10-11, Oxon, England.
Do Thuan
Symantec Corporation
Teska Kevin J.
LandOfFree
Emulation repair system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Emulation repair system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Emulation repair system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1842720