Polymorphic virus detection module

Cryptography – Key management – Having particular key generator

Patent

Details

39518309, 39518314, 380 4, 380 25, H04L 900, G06F 300, H04K 300

active

058260137

ABSTRACT:
A Polymorphic Anti-virus Module (PAM) (200) comprises a CPU emulator (210) for emulating the target program, a virus signature scanning module (250) for scanning decrypted virus code, and an emulation control module (220), including a static exclusion module (230), a dynamic exclusion module (240), instruction/interrupt usage profiles (224) for the mutation engines (162) of the known polymorphic viruses (150), size and target file types (226) for these viruses, and a table (228) having an entry for each known polymorphic virus (150). During emulation, the emulation control module (220) may observe use of a register-indirect memory write instruction using a register that has not been initialized. Such a random write can be used as an indication that the file is probably a data file and so is unlikely to harbor a virus.

