Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Patent
1997-09-19
2000-06-06
Le, Dieu-Minh T.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
380 4, 714 38, G06F 1100, H04L 900
Patent
active
060732393
ABSTRACT:
A method is disclosed for protecting executable computer programs against infection by a computer virus program. The invented method prevents writing operations that attempt to modify portions of the program, such as the program's entry point or first instructions. A writing operation that attempts to write data to the program is intercepted and analyzed before the operation is allowed to be processed. The method selects significant data and stores the data, in order to retain information indicative of the program prior to any modification thereof. The invented method then determines if the writing operation is attempting to modify the significant data, and if it is determined that the writing operation is attempting to modify the data, an alarm is generated and operation is denied. If it is determined that the writing operation is not attempting to modify the data, the writing operation as allowed to continue. Additionally, the program can be restored to its initial state using the stored information and data. The method of the present invention uses the stored data indicative of the significant data of the program to restore the program to its initial state and undo all the modifications that the virus may have made to the program.
REFERENCES:
patent: 4975950 (1990-12-01), Lentz
patent: 5121345 (1992-06-01), Lentz
patent: 5144660 (1992-09-01), Rose
patent: 5257381 (1993-10-01), Cook
patent: 5289540 (1994-02-01), Jones
patent: 5319776 (1994-06-01), Hile
patent: 5321840 (1994-06-01), Ahlin
patent: 5349655 (1994-09-01), Mann
patent: 5359659 (1994-10-01), Rosenthal
patent: 5367682 (1994-11-01), Chang
patent: 5396609 (1995-03-01), Schmidt
patent: 5398196 (1995-03-01), Chambers
patent: 5408642 (1995-04-01), Mann
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5434562 (1995-07-01), Reardon
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5448668 (1995-09-01), Perelson et al.
patent: 5473769 (1995-12-01), Cozza
patent: 5488045 (1996-01-01), Clark
patent: 5488702 (1996-01-01), Byers
patent: 5502815 (1996-03-01), Cozza
patent: 5511163 (1996-04-01), Lerche et al.
patent: 5511184 (1996-04-01), Lin
patent: 5513337 (1996-04-01), Gillespie
patent: 5537540 (1996-07-01), Miller
patent: 5559960 (1996-09-01), Lettvin
patent: 5613002 (1997-03-01), Kephart et al.
patent: 5822517 (1998-10-01), Dotan
patent: 5826012 (1998-10-01), Lettvin
"Computer Viruses--An Executive Brief," Symantec Antivirus Research Center, accessed on Apr. 30, 1997 [http://www.symantec.con/avcenter/reference/corpst.html].
"Virenschutz-Programme", CHIP, No. 6, Jun. 1989, pp. 72-75.
In-Defense, Inc.
Le Dieu-Minh T.
LandOfFree
Method for protecting executable software programs against infec does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for protecting executable software programs against infec, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for protecting executable software programs against infec will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2224124