Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2007-01-25
2011-11-29
Truong, Thanhnga (Department: 2438)
C726S022000, C726S024000, C726S025000, C726S026000, C713S194000
active
08069484
ABSTRACT:
Systems and methods for performing malware detection for determining suspicious data based on data entropy are provided. The method includes acquiring a block of data, calculating an entropy value for the block of data, comparing the entropy value to a threshold value, and recording the block of data as suspicious when the entropy value exceeds the threshold value. An administrator may then investigate suspicious data.
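The following is an added example, not code from the patent or from its assignee, showing the method the abstract describes: split data into blocks, compute the Shannon entropy of each block's byte distribution, and record blocks whose entropy exceeds a threshold. The 256-byte block size, the 7.0 bits-per-byte threshold, the function names and the sample data are assumptions; the abstract specifies none of them.

```python
import math
from collections import Counter

BLOCK_SIZE = 256  # assumed block size in bytes; not given in the abstract
THRESHOLD = 7.0   # assumed threshold in bits per byte (the maximum is 8.0)


def shannon_entropy(block: bytes) -> float:
    """Shannon entropy of the block's byte distribution, in bits per byte."""
    if not block:
        return 0.0
    n = len(block)
    return -sum((c / n) * math.log2(c / n) for c in Counter(block).values())


def scan(data: bytes, block_size: int = BLOCK_SIZE, threshold: float = THRESHOLD):
    """Return (offset, entropy) for each block whose entropy exceeds the threshold.

    A trailing block shorter than block_size is still scored, but its entropy
    is capped at log2(len(block)), so it is less likely to cross the threshold.
    """
    suspicious = []
    for offset in range(0, len(data), block_size):
        entropy = shannon_entropy(data[offset:offset + block_size])
        if entropy > threshold:  # "exceeds" is a strict comparison
            suspicious.append((offset, entropy))
    return suspicious


# Constructed sample input: plain text, zero padding, then a block in which
# every byte value occurs exactly once (the entropy profile of compressed or
# encrypted content), then plain text again.
TEXT = (b"The quick brown fox jumps over the lazy dog. " * 6)[:256]
SAMPLE = TEXT + bytes(256) + bytes(range(256)) + TEXT

if __name__ == "__main__":
    for offset, entropy in scan(SAMPLE):
        print(f"suspicious block at offset {offset}: {entropy:.2f} bits/byte")
```

High entropy alone does not establish that data is malicious, since legitimately compressed or encrypted content scores the same way, which is why the abstract leaves flagged blocks to an administrator to investigate.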
REFERENCES:
patent: 6661839 (2003-12-01), Ishida et al.
patent: 2005/0223238 (2005-10-01), Schmid et al.
patent: 2007/0152854 (2007-07-01), Copley
patent: 2007/0245420 (2007-10-01), Yong et al.
PEID (Software): http://peid.has.it/; May 10, 2006—five (5) web pages.
Shannon, C. E.; “A Mathematical Theory of Communication”; The Bell System Technical Journal; vol. 27; pp. 379-423, 623-656; Jul., Oct. 1948.
Garman Jason
McMillan Chad
Holmes Angela
Mandiant Corporation
SNR Denton US LLP
Truong Thanhnga