DE69831708D1 - Efficient detection of computer viruses and other data traits - Google Patents

Efficient detection of computer viruses and other data traits

Info

Publication number
DE69831708D1
Authority
DE
Germany
Prior art keywords
efficient detection
computer viruses
data properties
properties
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
DE69831708T
Other languages
English (en)
Other versions
DE69831708T2 (de)
Inventor
Jeffery Owen Kephart
Alexandre Guy George Morin
Gregory Bret Sorkin
Joseph Warren Wells
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Singapore Pte Ltd
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp
Application granted
Publication of DE69831708D1
Publication of DE69831708T2
Anticipated expiration
Expired - Fee Related

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/564 Static detection by virus signature recognition

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
DE69831708T 1997-07-10 1998-06-30 Efficient detection of computer viruses and other data traits Expired - Fee Related DE69831708T2 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US890013 1997-07-10
US08/890,013 US6016546A (en) 1997-07-10 1997-07-10 Efficient detection of computer viruses and other data traits

Publications (2)

Publication Number Publication Date
DE69831708D1 (de) 2006-02-09
DE69831708T2 (de) 2006-06-29

Family

ID=25396111

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69831708T Expired - Fee Related DE69831708T2 (de) 1997-07-10 1998-06-30 Efficient detection of computer viruses and other data traits

Country Status (3)

Country Link
US (1) US6016546A (de)
EP (1) EP0896285B1 (de)
DE (1) DE69831708T2 (de)

Families Citing this family (75)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108799A (en) * 1997-11-21 2000-08-22 International Business Machines Corporation Automated sample creation of polymorphic and non-polymorphic macro viruses
US5987610A (en) 1998-02-12 1999-11-16 Ameritech Corporation Computer virus screening methods and systems
US6338141B1 (en) * 1998-09-30 2002-01-08 Cybersoft, Inc. Method and apparatus for computer virus detection, analysis, and removal in real time
US6711583B2 (en) * 1998-09-30 2004-03-23 International Business Machines Corporation System and method for detecting and repairing document-infecting viruses using dynamic heuristics
US6622134B1 (en) * 1999-01-05 2003-09-16 International Business Machines Corporation Method of constructing data classifiers and classifiers constructed according to the method
US6487666B1 (en) * 1999-01-15 2002-11-26 Cisco Technology, Inc. Intrusion detection signature analysis using regular expressions and logical operators
US6954858B1 (en) 1999-12-22 2005-10-11 Kimberly Joyce Welborn Computer virus avoidance system and mechanism
US6792556B1 (en) 2000-05-31 2004-09-14 Dell Products L.P. Boot record recovery
JP3251000B2 (ja) * 2000-09-07 2002-01-28 Matsumoto Kenko Co., Ltd. Heat insulation structure of a house and heat shield material used therein
US6886099B1 (en) * 2000-09-12 2005-04-26 Networks Associates Technology, Inc. Computer virus detection
US7210041B1 (en) * 2001-04-30 2007-04-24 Mcafee, Inc. System and method for identifying a macro virus family using a macro virus definitions database
US7043758B2 (en) 2001-06-15 2006-05-09 Mcafee, Inc. Scanning computer files for specified content
US7366910B2 (en) * 2001-07-17 2008-04-29 The Boeing Company System and method for string filtering
US7487544B2 (en) * 2001-07-30 2009-02-03 The Trustees Of Columbia University In The City Of New York System and methods for detection of new malicious executables
US7657935B2 (en) * 2001-08-16 2010-02-02 The Trustees Of Columbia University In The City Of New York System and methods for detecting malicious email transmission
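KR20040039357A (ko) * 2001-09-14 2004-05-10 Computer Associates Think, Inc. Method and system for detecting and curing computer viruses, program storage medium, method for decrypting encrypted data, and method for curing encrypted computer viruses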
US6985908B2 (en) * 2001-11-01 2006-01-10 Matsushita Electric Industrial Co., Ltd. Text classification apparatus
US9306966B2 (en) 2001-12-14 2016-04-05 The Trustees Of Columbia University In The City Of New York Methods of unsupervised anomaly detection using a geometric framework
US8544087B1 (en) 2001-12-14 2013-09-24 The Trustees Of Columbia University In The City Of New York Methods of unsupervised anomaly detection using a geometric framework
US7225343B1 (en) 2002-01-25 2007-05-29 The Trustees Of Columbia University In The City Of New York System and methods for adaptive model generation for detecting intrusions in computer systems
US7140041B2 (en) * 2002-04-11 2006-11-21 International Business Machines Corporation Detecting dissemination of malicious programs
US20040021889A1 (en) * 2002-07-30 2004-02-05 Mcafee David A. Method of transmitting information from a document to a remote location, and a computer peripheral device
GB2391965B (en) * 2002-08-14 2005-11-30 Messagelabs Ltd Method of, and system for, heuristically detecting viruses in executable code
US8407798B1 (en) 2002-10-01 2013-03-26 Skybox Security Inc. Method for simulation aided security event management
US8359650B2 (en) * 2002-10-01 2013-01-22 Skybox Security Inc. System, method and computer readable medium for evaluating potential attacks of worms
GB2396227B (en) * 2002-12-12 2006-02-08 Messagelabs Ltd Method of and system for heuristically detecting viruses in executable code
EP1429225A1 (de) * 2002-12-13 2004-06-16 Hewlett-Packard Company Method and apparatus relating to product series, product detection and customer service
US20040158730A1 (en) * 2003-02-11 2004-08-12 International Business Machines Corporation Running anti-virus software on a network attached storage device
US7426634B2 (en) * 2003-04-22 2008-09-16 Intruguard Devices, Inc. Method and apparatus for rate based denial of service attack detection and prevention
US20050015599A1 (en) * 2003-06-25 2005-01-20 Nokia, Inc. Two-phase hash value matching technique in message protection systems
US7424706B2 (en) * 2003-07-16 2008-09-09 Microsoft Corporation Automatic detection and patching of vulnerable files
US20050081053A1 (en) * 2003-10-10 2005-04-14 International Business Machines Corporation Systems and methods for efficient computer virus detection
GB2407884A (en) * 2003-11-05 2005-05-11 Qinetiq Ltd Detecting unauthorised steganographic programs stored on a computer system
WO2005052767A1 (en) 2003-11-05 2005-06-09 Qinetiq Limited Detection of items stored in a computer system
US7870161B2 (en) * 2003-11-07 2011-01-11 Qiang Wang Fast signature scan
US8239687B2 (en) 2003-11-12 2012-08-07 The Trustees Of Columbia University In The City Of New York Apparatus method and medium for tracing the origin of network transmissions using n-gram distribution of data
US8271200B2 (en) * 2003-12-31 2012-09-18 Sieracki Jeffrey M System and method for acoustic signature extraction, detection, discrimination, and localization
US7079986B2 (en) * 2003-12-31 2006-07-18 Sieracki Jeffrey M Greedy adaptive signature discrimination system and method
US8478539B2 (en) 2003-12-31 2013-07-02 Jeffrey M. Sieracki System and method for neurological activity signature determination, discrimination, and detection
US7555777B2 (en) * 2004-01-13 2009-06-30 International Business Machines Corporation Preventing attacks in a data processing system
US7861304B1 (en) * 2004-05-07 2010-12-28 Symantec Corporation Pattern matching using embedded functions
US7694340B2 (en) * 2004-06-21 2010-04-06 Microsoft Corporation Anti virus for an item store
US8010685B2 (en) * 2004-11-09 2011-08-30 Cisco Technology, Inc. Method and apparatus for content classification
US7936682B2 (en) * 2004-11-09 2011-05-03 Cisco Technology, Inc. Detecting malicious attacks using network behavior and header analysis
US20070039051A1 (en) * 2004-11-30 2007-02-15 Sensory Networks, Inc. Apparatus And Method For Acceleration of Security Applications Through Pre-Filtering
US20060191008A1 (en) * 2004-11-30 2006-08-24 Sensory Networks Inc. Apparatus and method for accelerating intrusion detection and prevention systems using pre-filtering
US7582562B2 (en) * 2005-10-06 2009-09-01 Micron Technology, Inc. Atomic layer deposition methods
US7707635B1 (en) 2005-10-06 2010-04-27 Trend Micro Incorporated Script-based pattern for detecting computer viruses
DE102005063052A1 (de) * 2005-12-29 2007-07-05 Endress + Hauser Process Solutions Ag Method for protecting field devices in process automation technology
US20080016573A1 (en) * 2006-07-13 2008-01-17 Aladdin Knowledge System Ltd. Method for detecting computer viruses
US7802299B2 (en) * 2007-04-09 2010-09-21 Microsoft Corporation Binary function database system
US20090013405A1 (en) * 2007-07-06 2009-01-08 Messagelabs Limited Heuristic detection of malicious code
US8375449B1 (en) 2007-08-10 2013-02-12 Fortinet, Inc. Circuits and methods for operating a virus co-processor
US8286246B2 (en) * 2007-08-10 2012-10-09 Fortinet, Inc. Circuits and methods for efficient data transfer in a virus co-processing system
US8079084B1 (en) 2007-08-10 2011-12-13 Fortinet, Inc. Virus co-processor instructions and methods for using such
US7854008B1 (en) * 2007-08-10 2010-12-14 Fortinet, Inc. Software-hardware partitioning in a virus processing system
US9100319B2 (en) 2007-08-10 2015-08-04 Fortinet, Inc. Context-aware pattern matching accelerator
US8656489B1 (en) * 2007-09-29 2014-02-18 Symantec Corporation Method and apparatus for accelerating load-point scanning
JP5008006B2 (ja) * 2007-12-27 2012-08-22 International Business Machines Corporation Computer system, method and computer program for enabling verification of symptoms
US8799450B2 (en) * 2008-10-14 2014-08-05 Mcafee, Inc. Server-based system, method, and computer program product for scanning data on a client using only a subset of the data
IL195340A (en) 2008-11-17 2013-06-27 Shlomo Dolev Builds and detects malware signatures for executable codes on your computer
US8291497B1 (en) * 2009-03-20 2012-10-16 Symantec Corporation Systems and methods for byte-level context diversity-based automatic malware signature generation
US8572740B2 (en) 2009-10-01 2013-10-29 Kaspersky Lab, Zao Method and system for detection of previously unknown malware
US8805083B1 (en) 2010-03-21 2014-08-12 Jeffrey M. Sieracki System and method for discriminating constituents of image by complex spectral signature extraction
US9691395B1 (en) 2011-12-31 2017-06-27 Reality Analytics, Inc. System and method for taxonomically distinguishing unconstrained signal data segments
US9886945B1 (en) 2011-07-03 2018-02-06 Reality Analytics, Inc. System and method for taxonomically distinguishing sample data captured from biota sources
US9558762B1 (en) 2011-07-03 2017-01-31 Reality Analytics, Inc. System and method for distinguishing source from unconstrained acoustic signals emitted thereby in context agnostic manner
KR101908944B1 (ko) * 2011-12-13 2018-10-18 Samsung Electronics Co., Ltd. Apparatus and method for analyzing malware in a data analysis system
US8281399B1 (en) 2012-03-28 2012-10-02 Symantec Corporation Systems and methods for using property tables to perform non-iterative malware scans
US9172721B2 (en) 2013-07-16 2015-10-27 Fortinet, Inc. Scalable inline behavioral DDOS attack mitigation
CN104850782B (zh) * 2014-02-18 2019-05-14 Tencent Technology (Shenzhen) Co., Ltd. Method and device for matching virus signatures
US9015165B1 (en) * 2014-03-03 2015-04-21 Michael L. Hamm Text-SQL relational database
US9973528B2 (en) 2015-12-21 2018-05-15 Fortinet, Inc. Two-stage hash based logic for application layer distributed denial of service (DDoS) attack attribution
RU2628923C1 (ru) * 2016-05-20 2017-08-22 Joint Stock Company "Kaspersky Lab" System and method for distributing files between virtual machines forming a distributed system of virtual machines for performing an anti-virus scan
US11580219B2 (en) * 2018-01-25 2023-02-14 Mcafee, Llc System and method for malware signature generation

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2000006C (en) * 1989-01-23 1994-07-12 Walter W. Chang Combinatorial signatures for data encoding and searching
NL9101181A (nl) * 1991-07-05 1993-02-01 Nederland Ptt Method and device for detecting one or more known character strings in a collection of characters.
GB9220404D0 (en) * 1992-08-20 1992-11-11 Nat Security Agency Method of identifying, retrieving and sorting documents
JP2501771B2 (ja) * 1993-01-19 1996-05-29 International Business Machines Corporation Method and apparatus for obtaining multiple valid signatures of an undesirable software entity
US5675711A (en) * 1994-05-13 1997-10-07 International Business Machines Corporation Adaptive statistical regression and classification of data strings, with application to the generic detection of computer viruses
US5706365A (en) * 1995-04-10 1998-01-06 Rebus Technology, Inc. System and method for portable document indexing using n-gram word decomposition
US5696822A (en) * 1995-09-28 1997-12-09 Symantec Corporation Polymorphic virus detection module
US5854916A (en) * 1995-09-28 1998-12-29 Symantec Corporation State-based cache for antivirus software
US5765030A (en) * 1996-07-19 1998-06-09 Symantec Corp Processor emulator module having a variable pre-fetch queue size for program execution
US5822517A (en) * 1996-04-15 1998-10-13 Dotan; Eyal Method for detecting infection of software programs by memory resident software viruses
US5832208A (en) * 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers

Also Published As

Publication number Publication date
EP0896285A1 (de) 1999-02-10
DE69831708T2 (de) 2006-06-29
US6016546A (en) 2000-01-18
EP0896285B1 (de) 2005-09-28

Similar Documents

Publication Publication Date Title
DE69831708D1 (de) Efficient detection of computer viruses and other data traits
DE69807716D1 (de) Detection of computer viruses distributed across multiple data streams
DE69803199D1 (de) Detection and removal of macro viruses
DE69824075D1 (de) Information processing system, computer-readable media, and design system
DE69813007D1 (de) Detection system for determining the position and other information of objects
DE69524306D1 (de) Information processing system and computer method performed with an information processing system
DE69804495D1 (de) Information management and retrieval of key terms
DE69405764T2 (de) Conductive microparticles and self-adhesive tapes made therefrom
DE69712839D1 (de) TCAS computer and display
DE69422791D1 (de) Transmission and reception of program information
DE69523079D1 (de) Notebook-type personal computer and battery case
FI971359A0 (fi) Implementation of coupling between base device and smart card
DE69730770D1 (de) Identification of electronic documents
DE69806430T2 (de) Device for detecting pre-pits and information recording apparatus using it
BR9607907A (pt) Modified microspheres and manufacture thereof
FI103463B1 (fi) Computer and method for using a computer
DE59603173D1 (de) Acquisition and evaluation of safety-critical measured variables
DE69501411T2 (de) Security device of a computer
DE69738663D1 (de) Determination of disc type and reproduction of disc data
DE69828722D1 (de) Processing of transaction data
KR930024168U (ko) Hard disk compatibility device for notebook and desktop computers
DE60031826D1 (de) Separation of viruses and detection of viruses
ID24776A (id) Data processing method and apparatus
DE69927571D1 (de) Data processor and data processing method
DE69905151D1 (de) Storage and retrieval of information

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8327 Change in the person/name/address of the patent owner

Owner name: LENOVO (SINGAPORE) PTE. LTD., SINGAPUR/SINGAPO, SG

8339 Ceased/non-payment of the annual fee