Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2003-08-11
2009-02-24
Nalven, Andrew L (Department: 2434)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C713S187000, C713S188000
Reexamination Certificate
active
07496963
ABSTRACT:
A method of, and system for, virus detection has a database of known patterns of start-up code for executable images created using a collection of known compilers and uses examination of the start-up code of the image by reference to this database to determine whether or not the executable image is likely to have been subject to infection by viral code. In particular, the system seeks to determine whether the expected flow and execution of the image during start up has had viral code interjected into it. Various heuristics to assist in assessing the likely presence of viral code are disclosed.
REFERENCES:
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5675711 (1997-10-01), Kephart et al.
patent: 6016546 (2000-01-01), Kephart et al.
patent: 6357008 (2002-03-01), Nachenberg
patent: 6971019 (2005-11-01), Nachenberg
patent: 02/33525 (2002-04-01), None
Nachenberg; “A New Technique For Technique For Detecting Polymorphic Computer Viruses. A Thesis Submitted in Partial Satisfaction of the Requirements for the Degree Master of Science in Computer Science and Engineering”; Thesis University of California, XX, XX, 1995, pp. I-V, 1-127, XP000197628.
IBM Technical Disclosure Bulletin, Apr. 1990, “System for Detecting Undesired Alteration of Software”.
Elsevier, Computers and Security, vol. 15, No. 7, 1996, Bontchev; “Possible Macro Virus Attacks and how to Prevent Them”; pp. 595-626, see section 2.2.1.
“Proceedings of the second international virus bulletin conference”, Sep. 2-3; 1992, pp. 1-14, Hruska; “Virus Structure”; see section1.1 and figure 5.
Messagelabs Limited
Nalven Andrew L
Nixon & Vanderhye PC
LandOfFree
Method of, and system for, heuristically detecting viruses... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of, and system for, heuristically detecting viruses..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of, and system for, heuristically detecting viruses... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4057917