Malware detection and identification via malware spoofing

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate

Details

C726S022000, C726S025000, C713S187000, C713S188000

active

08056134

ABSTRACT:
A malware spoof component may be a formed component which has some but not all characteristics of an actual malware file or other component. Alternately, a spoof component may be an isolated component extracted from actual malware. Malware spoof components may be placed on a target system, after which a listing is obtained and checked. If the placed spoof component does not appear in the listing, then the spoof component may have been filtered out by malware infecting the system, thereby revealing the malware's presence.
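
The place-then-list check the abstract describes, as an added Python sketch that is not taken from the patent. The spoof file names, the control file and the simulated filtering listing are constructed assumptions used only to exercise the check.

```python
import os
import tempfile

# Hypothetical names: the spoofs carry only a naming trait a hiding filter might match.
SPOOF_NAMES = ["examplekit_cfg.dat", "examplekit_drv.sys"]
CONTROL_NAME = "plain_control.txt"  # assumption: a name no filter should hide


def place_components(directory, names):
    """Write harmless placeholder files; the content is inert text."""
    for name in names:
        with open(os.path.join(directory, name), "w") as fh:
            fh.write("inert spoof component\n")


def check_listing(directory, spoofs, control, lister=os.listdir):
    """Compare the placed names against a listing; return (verdict, missing)."""
    listed = set(lister(directory))
    missing = sorted(n for n in spoofs if n not in listed)
    if control not in listed:
        # The control is gone too: placement or listing failed, so draw no conclusion.
        return "inconclusive", missing
    if missing:
        # A placed spoof is absent from the listing: something may be filtering it.
        return "possible filtering", missing
    return "no filtering observed", missing


def simulated_filtering_lister(prefix):
    """Constructed stand-in for a listing that hides names starting with prefix."""
    def lister(directory):
        return [n for n in os.listdir(directory) if not n.startswith(prefix)]
    return lister


def demo():
    """Run the check against an unfiltered and a simulated filtered listing."""
    with tempfile.TemporaryDirectory() as d:
        place_components(d, SPOOF_NAMES + [CONTROL_NAME])
        clean = check_listing(d, SPOOF_NAMES, CONTROL_NAME)
        filtered = check_listing(d, SPOOF_NAMES, CONTROL_NAME,
                                 simulated_filtering_lister("examplekit_"))
        return clean, filtered


if __name__ == "__main__":
    for verdict, missing in demo():
        print(verdict, missing)
```

The control file separates "the spoof was filtered" from "nothing could be placed or listed at all"; the names of the missing spoofs indicate which trait the filter matched.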



Profile ID: LFUS-PAI-O-4308160
