Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-08-09
2011-08-09
Moorthy, Aravind K (Department: 2492)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S025000, C713S151000, C713S188000
Reexamination Certificate
active
07996905
ABSTRACT:
A method and system for the automatic determination of the behavioral profile of a program suspected of having worm-like characteristics includes analyzing data processing system resources required by the program and, if the required resources are not indicative of the program having worm-like characteristics, running the program in a controlled non-network environment while monitoring and logging accesses to system resources to determine the behavior of the program in the non-network environment. A logged record of the observed behavior is analyzed to determine if the behavior is indicative of the program having worm-like characteristics. The non-network environment may simulate the appearance of a network to the program, without emulating the operation of the network.
REFERENCES:
patent: 5398196 (1995-03-01), Chambers
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5636371 (1997-06-01), Yu
patent: 5734865 (1998-03-01), Yu
patent: 5812826 (1998-09-01), McLain, Jr.
patent: 5826013 (1998-10-01), Nachenberg
patent: 5842002 (1998-11-01), Schnurer et al.
patent: 5978917 (1999-11-01), Chi
patent: 6192512 (2001-02-01), Chess
patent: 6981279 (2005-12-01), Arnold et al.
patent: 7103913 (2006-09-01), Arnold et al.
patent: 7340774 (2008-03-01), Hursey et al.
patent: 7398400 (2008-07-01), Wiseman
patent: 2002/0122065 (2002-09-01), Segal et al.
patent: 2003/0212908 (2003-11-01), Piesco
patent: 2002-182942 (2002-06-01), None
patent: WO 95/33237 (1995-12-01), None
patent: WO-02/06928 (2002-01-01), None
Kephart, J. et al., “An Immune System For Cyberspace”, IEEE, 1997, pp. 879-884.
Kephart, J. et al., “Biologically Inspired Defenses Against Computer Viruses”, not dated, pp. 985-996.
Cohen, F., “A Short Course on Computer Viruses”, ASP Press, Pittsburgh, PA, 1990, pp. 9-15.
Shieh, S.W., et al., “A Pattern-Oriented Intrusion-Detection Model and Its Applications”, IEEE 1991, pp. 327-342.
Burnett, Mark, “Securing Microsoft Services”, May 22, 2002, 4 pgs, website article www.securityfocus.com.
Takashi Miyake et al., “A Method to Detect Unknown Computer Virus and Its Implementation” IEICE Technical Report, Jun. 28, 2002, vol. 102 No. 45, p. 19-p. 24.
Arnold William C.
Chess David M.
Morar John F.
Segal Alla
Whalley Ian N.
Moorthy Aravind K
Okamoto & Benedicto LLP
Trend Micro Incorporated
LandOfFree
Method and apparatus for the automatic determination of... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for the automatic determination of..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for the automatic determination of... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2670053