Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2005-10-31
2010-06-22
Zand, Kambiz (Department: 2434)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S023000, C726S022000
Reexamination Certificate
active
07743418
ABSTRACT:
A method, software system, and computer-readable medium are provided for determining whether a malware that implements stealth techniques is resident on a computer. In one exemplary embodiment, a method is provided that obtains a first set of data that describes the processes that are reported as being active on the computer in a non-interrupt environment. Then, the method causes program execution to be interrupted at runtime so that an analysis of the active processes on the computer may be performed. After program execution is interrupted, a second set data that describes the processes that are reported as being active on the computer in a interrupt environment is obtained. By performing a comparison between the first and second sets of data, a determination may be made regarding whether the collected data contains inconsistencies that are characteristic of malware.
REFERENCES:
patent: 5944821 (1999-08-01), Angelo
Clift Neill
Wijeratna Thushara K.
Microsoft Corporation
Workman Nydegger
Wyszynski Aubrey H
Zand Kambiz
LandOfFree
Identifying malware that employs stealth techniques does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Identifying malware that employs stealth techniques, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Identifying malware that employs stealth techniques will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4247416