Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2003-08-25
2010-11-09
Zia, Syed A. (Department: 2431)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S023000, C726S022000, C713S150000, C713S188000, C713S189000
Reexamination Certificate
active
07832011
ABSTRACT:
Malicious code detection code is executed by an information handling system. The malicious code detection code includes detection routines. The detection routines are applied to executable code under investigation. The detection routines associate weights to respective code under investigation in response to detections of a valid program or malicious code as a function of the detection routines. It is determined whether code under investigation is a valid program or malicious code as a function of the weights associated by the detection routines.
REFERENCES:
patent: 5121345 (1992-06-01), Lentz
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5537540 (1996-07-01), Miller et al.
patent: 5802277 (1998-09-01), Cowlard
patent: 5919257 (1999-07-01), Trostle
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5970405 (1999-10-01), Kaplan et al.
patent: 6088804 (2000-07-01), Hill et al.
patent: 6161130 (2000-12-01), Horvitz et al.
patent: 6182227 (2001-01-01), Blair et al.
patent: 6266774 (2001-07-01), Sampath et al.
patent: 6272641 (2001-08-01), Ji
patent: 6330588 (2001-12-01), Freeman
patent: 6357008 (2002-03-01), Nachenberg
patent: 6393568 (2002-05-01), Ranger et al.
patent: 6523120 (2003-02-01), Strasnick
patent: 6560632 (2003-05-01), Chess et al.
patent: 6671812 (2003-12-01), Balasubramaniam et al.
patent: 6772346 (2004-08-01), Chess et al.
patent: 6775780 (2004-08-01), Muttik
patent: 6842861 (2005-01-01), Cox et al.
patent: 6944772 (2005-09-01), Dozortsev
patent: 6963978 (2005-11-01), Muttik et al.
patent: 6973577 (2005-12-01), Kouznetsov
patent: 7089591 (2006-08-01), Chi
patent: 7210168 (2007-04-01), Hursey et al.
patent: 7287279 (2007-10-01), Bertman et al.
patent: 7441273 (2008-10-01), Edwards et al.
patent: 7457823 (2008-11-01), Shraim et al.
patent: 7480683 (2009-01-01), Thomas et al.
patent: 7493403 (2009-02-01), Shull et al.
patent: 7509679 (2009-03-01), Alagna et al.
patent: 7533131 (2009-05-01), Thomas et al.
patent: 7739337 (2010-06-01), Jensen
patent: 7748039 (2010-06-01), Obrecht et al.
patent: 2002/0066024 (2002-05-01), Schmall et al.
patent: 2002/0116635 (2002-08-01), Sheymov
patent: 2002/0150243 (2002-10-01), Craft et al.
patent: 2002/0162015 (2002-10-01), Tang
patent: 2002/0174137 (2002-11-01), Wolff et al.
patent: 2003/0033536 (2003-02-01), Pak et al.
patent: 2003/0159070 (2003-08-01), Mayer et al.
patent: 2003/0174137 (2003-09-01), Leung et al.
patent: 2003/0177397 (2003-09-01), Samman
patent: 2004/0054917 (2004-03-01), Obrecht et al.
patent: 2004/0098607 (2004-05-01), Alagna et al.
patent: 2004/0123157 (2004-06-01), Alagna et al.
patent: 2004/0187023 (2004-09-01), Alagna et al.
patent: 2005/0081059 (2005-04-01), Bandini et al.
patent: 2005/0137980 (2005-06-01), Bullock et al.
patent: 99/00720 (1999-01-01), None
patent: 99/50734 (1999-10-01), None
patent: WO 02/03178 (2002-01-01), None
patent: WO 02/095553 (2002-11-01), None
patent: WO 2004/021197 (2004-03-01), None
patent: WO 2004/055632 (2004-07-01), None
patent: WO 2004/072777 (2004-08-01), None
Shieh, et al, “A Pattern-Oriented Intrusion-Detection Model and its Applications,” IEEE, 1991, pp. 327-342.
Office Action of Feb. 7, 2006, in U.S. Appl. No. 10/231,557, 21 pages.
Amendment; Response to Office Action of. Feb. 7, 2006, in U.S. Appl. No. 10/231,557, pp. 1-23.
U.S. Appl. No. 10/231,557, filed Aug. 30, 2002.
Veldman, “Combating Viruses Heuristically”, Virus Bulletin Conference, Virus Bulletin Ltd., Abington, GB, Sep. 1993.
International search report application No. 04707408.3 mailed Mar. 2, 2007 .
Veldman, Frans, “Combining Viruses Heuristically,” Virus Bulletin Conference, Virus Bulletin Ltd., Abington, GB, Sep. 1993, pp. 67-75. XP000828110.
Nachenberg, Carey, “Behavior Blocking: The Next Step in Anti-Virus Protection,” http://www.securityfocus.com/infocus/1557, retrieved Jul. 25, 2007, pp. 1-5, XP002444153.
“Automated Program Analysis for Computer Virus Detection,” IBM Technical Disclosure Bulletin, IBM Corp., New York, US, vol. 34, No. 2, Jul. 1, 1991, pp. 415-416, XP000211158, ISSN: 0018-8689.
Supplemental European Search Report mailed Aug. 6, 2007, cited in European Application No. 03791906.5.
Amendment; Response to Office Action of Feb. 20, 2008, in U.S. Appl. No. 10/231,557, pp. 1-24.
Office Action of Jul. 1, 2008, in U.S. Appl. No. 10/231,557, 29 pages.
Amendment; Response to Office Action of Jul. 1, 2008, in U.S. Appl. No. 10/231,557, pp. 1-26.
Office Action of Sep. 9, 2009, in U.S. Appl. No. 10/231,557, 15 pages.
Communication Pursuant to Article 94(3) EPC in Application No. EP 04 707 408.3 issued Jun. 2, 2008, 6 pages.
PCT Search Report, PCT No. PCT/US01/17275, Jan. 10, 2002, 4 pages.
Alagna Michael Anthony
Obrecht Mark Eric
Payne Charles Andrew
Meyertons Hood Kivlin Kowert & Goetzel P.C.
Munyon Dean M.
Symantec Corporation
Zia Syed A.
LandOfFree
Method and apparatus for detecting malicious code in an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for detecting malicious code in an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for detecting malicious code in an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4161577