Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-04-19
2011-04-19
Lanier, Benjamin E (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
07930751
ABSTRACT:
A method for detecting malicious code on an information handling system includes executing malicious code detection code (MCDC) on the information handling system. The malicious code detection code includes detection routines. The detection routines are applied to executable code under investigation running on the information handling system during the execution of the MCDC. The detection routines associate weights to respective executable code under investigation in response to detections of a valid program or malicious code as a function of respective detection routines. Lastly, executable code under investigation is determined a valid program or malicious code as a function of the weights associated by the detection routines. Computer-readable media and an information handling system are also disclosed.
REFERENCES:
patent: 5121345 (1992-06-01), Lentz
patent: 5398196 (1995-03-01), Chambers
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5537540 (1996-07-01), Miller et al.
patent: 5802277 (1998-09-01), Cowlard
patent: 5919257 (1999-07-01), Trostle
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5974549 (1999-10-01), Golan
patent: 6088804 (2000-07-01), Hill et al.
patent: 6182227 (2001-01-01), Blair et al.
patent: 6266774 (2001-07-01), Sampath et al.
patent: 6269456 (2001-07-01), Hodges et al.
patent: 6272641 (2001-08-01), Ji
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6330588 (2001-12-01), Freeman
patent: 6357008 (2002-03-01), Nachenberg
patent: 6393568 (2002-05-01), Ranger et al.
patent: 6477651 (2002-11-01), Teal
patent: 6523120 (2003-02-01), Strasnick
patent: 6560632 (2003-05-01), Chess et al.
patent: 6671812 (2003-12-01), Balasubramaniam et al.
patent: 6725377 (2004-04-01), Kouznetsov
patent: 6772346 (2004-08-01), Chess et al.
patent: 6775780 (2004-08-01), Muttik
patent: 6802028 (2004-10-01), Ruff et al.
patent: 6842861 (2005-01-01), Cox et al.
patent: 6944772 (2005-09-01), Dozortsev
patent: 6973577 (2005-12-01), Kouznetsov
patent: 7043641 (2006-05-01), Martinek et al.
patent: 7116782 (2006-10-01), Jackson et al.
patent: 7165174 (2007-01-01), Ginter et al.
patent: 7203841 (2007-04-01), Jackson et al.
patent: 7328453 (2008-02-01), Merkle et al.
patent: 2002/0010640 (2002-01-01), Dutta et al.
patent: 2002/0019767 (2002-02-01), Babbitt et al.
patent: 2002/0066024 (2002-05-01), Schmall et al.
patent: 2002/0116635 (2002-08-01), Sheymov
patent: 2002/0150243 (2002-10-01), Craft et al.
patent: 2002/0174137 (2002-11-01), Wolff et al.
patent: 2003/0033536 (2003-02-01), Pak et al.
patent: 2003/0149888 (2003-08-01), Yadav
patent: 2003/0159070 (2003-08-01), Mayer et al.
patent: 2003/0174137 (2003-09-01), Leung et al.
patent: 2003/0177397 (2003-09-01), Samman
patent: 2004/0054917 (2004-03-01), Obrecht et al.
patent: 2004/0064736 (2004-04-01), Obrecht et al.
patent: 2004/0098607 (2004-05-01), Alagna et al.
patent: 2004/0123157 (2004-06-01), Alagna et al.
patent: 2004/0187010 (2004-09-01), Anderson et al.
patent: 2004/0187023 (2004-09-01), Alagna et al.
patent: 2005/0137980 (2005-06-01), Bullock et al.
patent: 99/00720 (1999-01-01), None
patent: 99/50734 (1999-10-01), None
patent: 02/03178 (2002-01-01), None
patent: 02/095553 (2002-11-01), None
patent: 02/103533 (2002-12-01), None
patent: 2004/021197 (2004-03-01), None
patent: 2004/055632 (2004-07-01), None
patent: 2004/072777 (2004-08-01), None
Communication Pursuant to Article 94(3) EPC in Application No. EP 04 707 408.3 issued Jun. 2, 2008, 6 pages.
PCT Search Report, PCT No. PCT/US01/17275, Jan. 10, 2002, 4 pages.
Veldman, Frans, “Combating Viruses Heuristically,” Virus Bulletin Conference, Virus Bulletin Ltd., Abington, GB, Sep. 1993, pp. 67-75, XP000828110.
Nachenberg, Carey, “Behavior Blocking: The Next Step in Anti-Virus Protection,” http://www.securityfocus.com/infocus/1557, retrieved Jul. 25, 2007, pp. 1-5, XP002444153.
“Automated Program Analysis for Computer Virus Detection,” IBM Technical Disclosure Bulletin, IBM Corp., New York, US, vol. 34, No. 2, Jul. 1, 1991, pp. 415-416, XP000211158, ISSN: 0018-8689.
Supplemental European Search Report mailed Aug. 6, 2007, cited in European Application No. 03791906.5.
Office Action cited in U.S. Appl. No. 10/647,644, dated Aug. 10, 2007.
Office Action of Mar. 7, 2008, in U.S. Appl. No. 10/231,557, 13 pages.
Amendment; Response to Office Action of Mar. 7, 2008, in U.S. Appl. No. 10/231,557, pp. 1-24.
Office Action of Dec. 12, 2007, in U.S. Appl. No. 10/647,644, 16 pages.
Shieh, et, al., “A Pattern-Oriented Intrusion-Detection Model and its Applications,” IEEE, 1991, pp. 327-342.
Summons in application 04707408.3-1245 / 1590723 mailed Apr. 16, 2010.
Alagna Michael Tony
Obrecht Mark
Payne Andy
Lanier Benjamin E
Meyertons Hood Kivlin Kowert & Goetzel P.C.
Munyon Dean M.
Symantec Corporation
LandOfFree
Method and apparatus for detecting malicious code in an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for detecting malicious code in an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for detecting malicious code in an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2727249