System and method for defining and detecting pestware

Data processing: software development – installation – and managem – Software program development tool – Testing or debugging

Reexamination Certificate

Details

C717S124000, C717S128000, C717S130000, C717S131000, C717S158000

active

08065664

ABSTRACT:
A system and method for defining and detecting pestware is described. One embodiment includes receiving a file and placing at least a portion of the file into a processor-readable memory of a computer. A plurality of execution paths within code of the pestware file are followed, and particular instructions within the execution paths are identified. A representation of the relative locations of each of the particular instructions within the code of the file is compared against a pestware-definition file so as to determine whether the file is a potential pestware file.

