Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2002-08-30
2010-06-29
Lanier, Benjamin E (Department: 2132)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
Reexamination Certificate
active
07748039
ABSTRACT:
A method for detecting malicious code on an information handling system includes executing malicious code detection code (MCDC) on the information handling system. The malicious code detection code includes detection routines. The detection routines are applied to executable code under investigation running on the information handling system during the execution of the MCDC. The detection routines associate weights to respective executable code under investigation in response to detections of a valid program or malicious code as a function of respective detection routines. Lastly, executable code under investigation is determined a valid program or malicious code as a function of the weights associated by the detection routines. Computer-readable media and an information handling system are also disclosed.
REFERENCES:
patent: 5121345 (1992-06-01), Lentz
patent: 5398196 (1995-03-01), Chambers
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5537540 (1996-07-01), Miller et al.
patent: 5802277 (1998-09-01), Cowlard
patent: 5919257 (1999-07-01), Trostle
patent: 5956481 (1999-09-01), Walsh et al.
patent: 5974549 (1999-10-01), Golan
patent: 6088804 (2000-07-01), Hill et al.
patent: 6182227 (2001-01-01), Blair et al.
patent: 6266774 (2001-07-01), Sampath et al.
patent: 6272641 (2001-08-01), Ji
patent: 6330588 (2001-12-01), Freeman
patent: 6357008 (2002-03-01), Nachenberg
patent: 6393568 (2002-05-01), Ranger et al.
patent: 6523120 (2003-02-01), Strasnick
patent: 6671812 (2003-12-01), Balasubramaniam et al.
patent: 6772346 (2004-08-01), Chess et al.
patent: 6775780 (2004-08-01), Muttik
patent: 6802028 (2004-10-01), Ruff et al.
patent: 6944772 (2005-09-01), Dozortsev
patent: 6973577 (2005-12-01), Kouznetsov
patent: 2002/0066024 (2002-05-01), Schmall et al.
patent: 2002/0116635 (2002-08-01), Sheymov
patent: 2002/0150243 (2002-10-01), Craft et al.
patent: 2002/0174137 (2002-11-01), Wolff et al.
patent: 2003/0033536 (2003-02-01), Pak et al.
patent: 2003/0079145 (2003-04-01), Kouznetsov et al.
patent: 2003/0159070 (2003-08-01), Mayer et al.
patent: 2003/0174137 (2003-09-01), Leung et al.
patent: 2004/0064736 (2004-04-01), Obrecht et al.
patent: 2004/0098607 (2004-05-01), Alagna et al.
patent: 2004/0123157 (2004-06-01), Alagna et al.
patent: 2004/0187023 (2004-09-01), Alagna et al.
patent: 2005/0137980 (2005-06-01), Bullock et al.
patent: 02/03178 (2002-01-01), None
patent: WO 02/03178 (2002-01-01), None
patent: 02/095553 (2002-11-01), None
patent: WO 02/103533 (2002-12-01), None
patent: WO 2004/021197 (2004-03-01), None
patent: WO 2004/055632 (2004-07-01), None
patent: WO 2004/072777 (2004-08-01), None
Shieh, et al, “A Pattern-Oriented Intrusion-Detection Model and its Applications,” IEEE, 1991, pp. 327-342.
Office Action Mailed Mar. 23, 2006, 13 pages.
Veldman, “Combating Viruses Heuristically”, Virus Bulletin Conference, Virus Bulletin Ltd., Abington, GB, Sep. 1993.
International search report application No. 04707408.3 mailed Mar. 2, 2007.
Veldman, Frans, “Combating Viruses Heuristically,” Virus Bulletin Conference, Virus Bulletin Ltd., Abington, GB, Sep. 1993, pp. 67-75, XP000828110.
Nachenberg, Carey, “Behavior Blocking: The Next Step in Anti-Virus Protection,” http://www.securityfocus.com/ infocus/1557, retrieved Jul. 25, 2007, pp. 1-5, XP002444153.
“Automated Program Analysis for Computer Virus Detection,” IBM Technical Disclosure Bulletin, IBM Corp., New York, US, vol. 34, No. 2, Jul. 1, 1991, pp. 415-416, XP000211158, ISSN: 0018-8689.
Supplemental European Search Report mailed Aug. 6, 2007, cited in European Application No. 03791906.5.
Office Action cited in U.S. Appl. No. 10/647,644, dated Aug. 10, 2007.
Office Action of Dec. 12, 2007, in U.S. Appl. No. 10/647,644, 16 pages.
Office Action of Mar. 7, 2008, in U.S. Appl. No. 10/231,557, 13 pages.
Amendment; Response to Office Action of Mar. 7, 2008, in U.S. Appl. No. 10/231,557, pp. 1-24.
Office Action of Nov. 13, 2009, in U.S. Appl. No. 10/647,644, 11 pages.
Alagna Michael Tony
Obrecht Mark
Payne Andy
Lanier Benjamin E
Meyertons Hood Kivlin Kowert & Goetzel P.C.
Symantec Corporation
LandOfFree
Method and apparatus for detecting malicious code in an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for detecting malicious code in an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for detecting malicious code in an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4210382