Pattern matching using embedded functions

Details Pattern matching using embedded functions Pattern matching using embedded functions

2004-05-07

2010-12-28

Patel, Nirav (Department: 2435)

Information security

Monitoring or scanning of software or data including attack...

Intrusion detection

C713S188000

Reexamination Certificate

active

07861304

ABSTRACT:
Methods, apparati, and computer-readable media for matching patterns of symbols within computer systems. A method embodiment of the present invention comprises composing (11) a pattern matching expression; and embedding (12) a function using storage means within the expression to form a character matching string. The expression may be a regular expression. The character matching string is compared (13) against a target string. The target string may be one that is suspected to contain malicious computer code.

REFERENCES:
patent: 5398196 (1995-03-01), Chambers
patent: 5452442 (1995-09-01), Kephart
patent: 5495607 (1996-02-01), Pisello et al.
patent: 5524250 (1996-06-01), Chesson et al.
patent: 5572590 (1996-11-01), Chess
patent: 5675710 (1997-10-01), Lewis
patent: 5694569 (1997-12-01), Fischer
patent: 5826249 (1998-10-01), Skeirik
patent: 5832208 (1998-11-01), Chen et al.
patent: 5832527 (1998-11-01), Kawaguchi
patent: 5854916 (1998-12-01), Nachenberg
patent: 5884033 (1999-03-01), Duvall et al.
patent: 5944821 (1999-08-01), Angelo
patent: 5974549 (1999-10-01), Golan
patent: 5978801 (1999-11-01), Yuasa
patent: 6006242 (1999-12-01), Poole et al.
patent: 6016546 (2000-01-01), Kephart et al.
patent: 6021510 (2000-02-01), Nachenberg
patent: 6023723 (2000-02-01), McCormick et al.
patent: 6052709 (2000-04-01), Paul
patent: 6072942 (2000-06-01), Stockwell et al.
patent: 6088803 (2000-07-01), Tso et al.
patent: 6091407 (2000-07-01), Boetje et al.
patent: 6092194 (2000-07-01), Touboul
patent: 6094731 (2000-07-01), Waldin et al.
patent: 6125459 (2000-09-01), Andoh et al.
patent: 6161130 (2000-12-01), Horvitz et al.
patent: 6167434 (2000-12-01), Pang
patent: 6169999 (2001-01-01), Kanno
patent: 6253169 (2001-06-01), Apte et al.
patent: 6298351 (2001-10-01), Castelli et al.
patent: 6347310 (2002-02-01), Passera
patent: 6370526 (2002-04-01), Agrawal et al.
patent: 6397200 (2002-05-01), Lynch et al.
patent: 6397215 (2002-05-01), Kreulen et al.
patent: 6401122 (2002-06-01), Matsui et al.
patent: 6421709 (2002-07-01), McCormick et al.
patent: 6424960 (2002-07-01), Lee et al.
patent: 6442606 (2002-08-01), Subbaroyan et al.
patent: 6456991 (2002-09-01), Srinivasa et al.
patent: 6493007 (2002-12-01), Pang
patent: 6502082 (2002-12-01), Toyama et al.
patent: 6505167 (2003-01-01), Horvitz et al.
patent: 6546416 (2003-04-01), Kirsch
patent: 6721721 (2004-04-01), Bates et al.
patent: 6751789 (2004-06-01), Berry et al.
patent: 6772346 (2004-08-01), Chess et al.
patent: 6785677 (2004-08-01), Fritchman
patent: 6842861 (2005-01-01), Cox et al.
patent: 6886099 (2005-04-01), Smithson et al.
patent: 6944555 (2005-09-01), Blackett et al.
patent: 6952779 (2005-10-01), Cohen et al.
patent: 6973578 (2005-12-01), McIchionc
patent: 6990442 (2006-01-01), Davis
patent: 7024403 (2006-04-01), Kyler
patent: 7069501 (2006-06-01), Kunitake et al.
patent: 7093231 (2006-08-01), Nuss
patent: 7225188 (2007-05-01), Gai et al.
patent: 7248682 (2007-07-01), Oran
patent: 2002/0035693 (2002-03-01), Eyres et al.
patent: 2002/0038308 (2002-03-01), Cappi
patent: 2002/0046207 (2002-04-01), Chino et al.
patent: 2002/0073046 (2002-06-01), David
patent: 2002/0087649 (2002-07-01), Horvitz
patent: 2002/0138525 (2002-09-01), Karadimitriou et al.
patent: 2002/0147694 (2002-10-01), Dempsey et al.
patent: 2002/0147782 (2002-10-01), Dimitrova et al.
patent: 2002/0178375 (2002-11-01), Whittaker et al.
patent: 2002/0194488 (2002-12-01), Cormack et al.
patent: 2002/0194489 (2002-12-01), Almogy et al.
patent: 2002/0199186 (2002-12-01), Ali et al.
patent: 2002/0199194 (2002-12-01), Ali
patent: 2003/0023875 (2003-01-01), Hursey et al.
patent: 2003/0033536 (2003-02-01), Pak
patent: 2003/0033587 (2003-02-01), Ferguson et al.
patent: 2003/0061287 (2003-03-01), Yu et al.
patent: 2003/0065926 (2003-04-01), Schultz et al.
patent: 2003/0110280 (2003-06-01), Hinchliffe et al.
patent: 2003/0110393 (2003-06-01), Brock et al.
patent: 2003/0110395 (2003-06-01), Presotto et al.
patent: 2003/0115458 (2003-06-01), Song
patent: 2003/0115479 (2003-06-01), Edwards et al.
patent: 2003/0154394 (2003-08-01), Levin
patent: 2003/0167402 (2003-09-01), Stolfo et al.
patent: 2003/0191847 (2003-10-01), Vion-Dury et al.
patent: 2003/0233352 (2003-12-01), Baker
patent: 2004/0015554 (2004-01-01), Wilson
patent: 2004/0039921 (2004-02-01), Chuang
patent: 2004/0103310 (2004-05-01), Sobel et al.
patent: 2004/0110118 (2004-06-01), Clark et al.
patent: 2004/0117401 (2004-06-01), Miyata et al.
patent: 2004/0117641 (2004-06-01), Kennedy et al.
patent: 2004/0220975 (2004-11-01), Carpentier et al.
patent: 2005/0102601 (2005-05-01), Wells
patent: 2005/0114700 (2005-05-01), Barrie et al.
patent: 0636977 (1995-02-01), None
patent: 1408393 (2004-04-01), None
patent: WO 93/25024 (1993-12-01), None
patent: WO 99/15966 (1999-04-01), None
patent: WO 00/28420 (2000-05-01), None
patent: WO 02/33525 (2002-04-01), None
Burchell, Jonathan, “NetShield 1.5”, Virus Bulletin, Aug. 1994, pp. 21-23, XP 000617453.
Parkhouse, Jayne, “Pelican SafeTNet 2.0”, [online] Jun. 2000, SC Magazine Product Review, [retrieved Dec. 1, 2003] Retrieved from the Internet: <URL: http://www.scmagazine.com/standalone/pelican/sc—pelican.html>.
Morar, J. E. and Chess, D. M., “Can Cryptography Prevent Computer Viruses?”, Virus Bulletin Conference 2000, Sep. 2000, pp. 127-138, Virus Bulletin Ltd., Oxfordshire, England.
Wikipedia.org web pages [online], Wikipedia, [retrieved Mar. 17, 2003] Retrieved from the Internet: <URL: http://www.wikipedia.org/w/wiki.phintl?title=machine learning and printable=yes>.
Outlook.spambully.com web pages [online] Spam Bully [retrieved Jan. 16, 2003] Copyright 2002, Retrieved from the Internet <URL: http://outlook.spambully.com/about.php>.
“Enterprise Protection Strategy” [online] Trend Micro Inc. [retrieved Dec. 3, 2002] Retrieved from the Internet: <URL: http://www.trendmicro.com/en/products/eps/features.htm>.
“How to Test Outbreak Commander”, :Trend Micro Inc., Aug. 2002, pp. 1-13, Cupertino, CA.
Choi, Yang-Seo, et al., “A New Stack Buffer Overflow Hacking Defense Technique with Memory Address Confirmation”, Lecture Notes in Computer Science 2288, 2002, pp. 146-159, Spinger Verlog, Berlin and Heidelsberg, Germany.
Chew, Monica and Dawn Song, “Mitigating Buffer Overflows by Operating System Randomization”, Dec. 2000, pp. 1-9, U.C. Berkeley, CA USA.
Bolosky, W., Corbin, S., Goebel, D., and Douceur, J., “Single Instance Storage in Windows 2000”, Microsoft Research, Balder Technology Group, Inc., [online] [retrieved Oct. 11, 2002] Retrieved from the Internet <URL: http://research.microsoft.com/sn/farsite/wss2000.pdf>.
Bontchev, Vesselin, “Possible Macro Virus Attacks and How to Prevent Them”, Computer & Security, vol. 15, No. 7, pp. 595-626, 1996.
Nachenberg, C., “Virus-AntiVirus Co-evolution,” Symantec Research Labs, Presentation given at University of California Los Angeles, Computer Science 201 (graduate level seminar), 1997, Los Angeles, CA, USA.
Nachenberg, C., “A New Technique for Detecting Polymorphic Computer Viruses,” University of California Los Angeles, thesis, 1995, 127 pages, Los Angeles, CA, USA.

Affiliated with

Also associated with

Rating

Pattern matching using embedded functions does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Pattern matching using embedded functions, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Pattern matching using embedded functions will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-4190987