Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2004-01-30
2010-06-01
Vu, Kimyen (Department: 2435)
Information security
Monitoring or scanning of software or data including attack...
C713S152000, C726S025000
Reexamination Certificate
active
07730530
ABSTRACT:
A system and method for gathering exhibited behaviors of a .NET executable module in a secure manner is presented. In operation, a .NET behavior evaluation module presents a virtual .NET environment to a Microsoft Corporation .NET code module. The .NET behavior evaluation module implements a sufficient number of aspects of an actual Microsoft Corporation .NET environment that a .NET code module can execute. As the .NET code module executes, the .NET behavior evaluation module records some of the exhibited behaviors, i.e., .NET system supplied libraries/subroutines, that are associated with known malware. The recorded behaviors are placed in a behavior signature for an external determination as to whether the .NET code module is malware, i.e., an unwanted computer attack.
REFERENCES:
patent: 5485575 (1996-01-01), Chess et al.
patent: 5842002 (1998-11-01), Schnurer et al.
patent: 5983348 (1999-11-01), Ji
patent: 6192512 (2001-02-01), Chess
patent: 6357008 (2002-03-01), Nachenberg
patent: 6594686 (2003-07-01), Edwards et al.
patent: 6907396 (2005-06-01), Muttik et al.
patent: 6968461 (2005-11-01), Lucas et al.
patent: 7203681 (2007-04-01), Arnold et al.
patent: 7620990 (2009-11-01), Bodorin
patent: 2002/0035696 (2002-03-01), Thacker
patent: 2002/0056076 (2002-05-01), van der Made
patent: 2003/0014550 (2003-01-01), Fischer et al.
patent: 2003/0023865 (2003-01-01), Cowie et al.
patent: 2003/0065926 (2003-04-01), Schiltz et al.
patent: 2003/0101381 (2003-05-01), Mateev et al.
patent: 2003/0110391 (2003-06-01), Wolff et al.
patent: 2003/0115479 (2003-06-01), Edwards et al.
patent: 2004/0015712 (2004-01-01), Szor
patent: 2005/0132206 (2005-06-01), Palliyl et al.
patent: 2005/0172337 (2005-08-01), Bodorin
patent: 2005/0188272 (2005-08-01), Bodorin
patent: 2006/0248582 (2006-11-01), Panjwani et al.
C. Ko, “Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach”, PhD thesis, UC Davis, 1996.
White et al., “Anatomy of a Commercial-Grade Immune System”, http://citeseer.ist.psu.edu/white99anatomy.html, 1999, pp. 1-28.
Office Action mailed May 1, 2007 cited in U.S. Appl. No. 10/769,038.
Office Action mailed Nov. 13, 2007 cited in U.S. Appl. No. 10/769,038.
Office Action mailed Jul. 24, 2008 cited in U.S. Appl. No. 10/769,038.
Office Action mailed Mar. 5, 2009 cited in U.S. Appl. No. 10/769,038.
Office Action mailed Sep. 16, 2009 cited in U.S. Appl. No. 10/769,038.
Office Action mailed Oct. 30, 2007 cited in U.S. Appl. No. 10/769,103.
Office Action mailedJun. 17, 2008 cited in U.S. Appl. No. 10/769,103.
Office Action mailed Dec. 26, 2008 cited in U.S. Appl. No. 10/769,103.
Notice of Allowance mailed Jul. 20, 2009 cited in U.S. Appl. No. 10/769,103.
Bodorin Daniel M.
Marinescu Adrian M.
Microsoft Corporation
Paliwal Yogesh
Vu Kimyen
Workman Nydegger
LandOfFree
System and method for gathering exhibited behaviors on a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for gathering exhibited behaviors on a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for gathering exhibited behaviors on a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4215107