IN2012DN00880A - - Google Patents

Download PDF

Info

Publication number
IN2012DN00880A
IN2012DN00880A IN880DEN2012A IN2012DN00880A IN 2012DN00880 A IN2012DN00880 A IN 2012DN00880A IN 880DEN2012 A IN880DEN2012 A IN 880DEN2012A IN 2012DN00880 A IN2012DN00880 A IN 2012DN00880A
Authority
IN
India
Prior art keywords
scan
file
scanning results
file system
intermediate scanning
Prior art date
Application number
Inventor
Jarno Niemela
Timo Harmonen
Jorn Sierwald
Mika Stahlberg
Original Assignee
F Secure Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by F Secure Corp filed Critical F Secure Corp
Publication of IN2012DN00880A publication Critical patent/IN2012DN00880A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/564Static detection by virus signature recognition
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Peptides Or Proteins (AREA)
  • Measuring Or Testing Involving Enzymes Or Micro-Organisms (AREA)

Abstract

A method and apparatus for performing an anti-virus scan of a file system. Intermediate scanning results are obtained for a file in the file system, prior to a scan of the file being completed. The intermediate scanning results are then stored in a database. The intermediate scanning results can be used to speed up subsequent scans, and to provide other useful information to an on-line anti-virus server. In a subsequent scan of the file system, a determination is made whether intermediate scanning results relating to the file are available in the database. If they are available for a particular type of intermediate scan, then a scan need not be performed for the file. If they are not, then the scan can be performed. [Figure 2]
IN880DEN2012 2009-07-10 2010-07-07 IN2012DN00880A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0912017A GB2471716A (en) 2009-07-10 2009-07-10 Anti-virus scan management using intermediate results
PCT/EP2010/059762 WO2011003958A1 (en) 2009-07-10 2010-07-07 Anti-virus scanning

Publications (1)

Publication Number Publication Date
IN2012DN00880A true IN2012DN00880A (en) 2015-07-10

Family

ID=41022471

Family Applications (1)

Application Number Title Priority Date Filing Date
IN880DEN2012 IN2012DN00880A (en) 2009-07-10 2010-07-07

Country Status (9)

Country Link
US (1) US9965630B2 (en)
EP (1) EP2452287B1 (en)
JP (1) JP5631988B2 (en)
CN (1) CN102483780B (en)
BR (1) BRPI1016079A2 (en)
GB (1) GB2471716A (en)
IN (1) IN2012DN00880A (en)
RU (1) RU2551820C2 (en)
WO (1) WO2011003958A1 (en)

Families Citing this family (51)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7757269B1 (en) 2006-02-02 2010-07-13 Mcafee, Inc. Enforcing alignment of approved changes and deployed changes in the software change life-cycle
US7895573B1 (en) 2006-03-27 2011-02-22 Mcafee, Inc. Execution environment file inventory
US8332929B1 (en) 2007-01-10 2012-12-11 Mcafee, Inc. Method and apparatus for process enforced configuration management
US9424154B2 (en) 2007-01-10 2016-08-23 Mcafee, Inc. Method of and system for computer system state checks
US8590046B2 (en) * 2010-07-28 2013-11-19 Bank Of America Corporation Login initiated scanning of computing devices
US8938800B2 (en) 2010-07-28 2015-01-20 Mcafee, Inc. System and method for network level protection against malicious software
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US8621634B2 (en) * 2011-01-13 2013-12-31 F-Secure Oyj Malware detection based on a predetermined criterion
US9112830B2 (en) 2011-02-23 2015-08-18 Mcafee, Inc. System and method for interlocking a host and a gateway
US9594881B2 (en) 2011-09-09 2017-03-14 Mcafee, Inc. System and method for passive threat detection using virtual memory inspection
WO2013041016A1 (en) * 2011-09-19 2013-03-28 北京奇虎科技有限公司 Method and device for processing computer viruses
US8713668B2 (en) 2011-10-17 2014-04-29 Mcafee, Inc. System and method for redirected firewall discovery in a network environment
US8584235B2 (en) * 2011-11-02 2013-11-12 Bitdefender IPR Management Ltd. Fuzzy whitelisting anti-malware systems and methods
KR20140093699A (en) * 2011-11-10 2014-07-28 가부시키가이샤 세큐아브레인 Unauthorized application detection system and method
KR102029465B1 (en) * 2011-11-17 2019-10-08 삼성에스디에스 주식회사 Searching and pattern matching engine and terminal apparatus using the same and method thereof
RU2487405C1 (en) * 2011-11-24 2013-07-10 Закрытое акционерное общество "Лаборатория Касперского" System and method for correcting antivirus records
US8739272B1 (en) 2012-04-02 2014-05-27 Mcafee, Inc. System and method for interlocking a host and a gateway
CN103366118A (en) * 2012-04-06 2013-10-23 腾讯科技(深圳)有限公司 Installation package virus searching and killing method and device
CN103425927A (en) * 2012-05-16 2013-12-04 腾讯科技(深圳)有限公司 Device and method for removing viruses of computer documents
CN103577751B (en) * 2012-07-25 2015-06-10 腾讯科技(深圳)有限公司 File scanning method and device
CN103679022B (en) * 2012-09-20 2016-04-20 腾讯科技(深圳)有限公司 Virus scan method and apparatus
US8925085B2 (en) * 2012-11-15 2014-12-30 Microsoft Corporation Dynamic selection and loading of anti-malware signatures
WO2014082599A1 (en) * 2012-11-30 2014-06-05 北京奇虎科技有限公司 Scanning device, cloud management device, method and system for checking and killing malicious programs
US9202050B1 (en) * 2012-12-14 2015-12-01 Symantec Corporation Systems and methods for detecting malicious files
US8973146B2 (en) 2012-12-27 2015-03-03 Mcafee, Inc. Herd based scan avoidance system in a network environment
KR101421632B1 (en) * 2013-02-13 2014-07-22 주식회사 잉카인터넷 system and method of malware scanning
US10409987B2 (en) 2013-03-31 2019-09-10 AO Kaspersky Lab System and method for adaptive modification of antivirus databases
CN103294955B (en) * 2013-06-28 2016-06-08 北京奇虎科技有限公司 Macrovirus checking and killing method and system
US9578052B2 (en) 2013-10-24 2017-02-21 Mcafee, Inc. Agent assisted malicious application blocking in a network environment
CN104217165B (en) * 2014-09-16 2016-07-06 百度在线网络技术(北京)有限公司 The processing method of file and device
CN104281809A (en) * 2014-09-30 2015-01-14 北京奇虎科技有限公司 Method, device and system for searching and killing viruses
CN105791233B (en) * 2014-12-24 2019-02-26 华为技术有限公司 A kind of anti-virus scan method and device
US9654497B2 (en) * 2015-04-04 2017-05-16 International Business Machines Corporation Virus-release-date-based priority virus scanning
US9858418B2 (en) 2015-05-29 2018-01-02 International Business Machines Corporation Reducing delays associated with restoring quarantined files
JP6010672B2 (en) * 2015-09-17 2016-10-19 株式会社エヌ・ティ・ティ・データ Security setting system, security setting method and program
RU2617923C2 (en) * 2015-09-30 2017-04-28 Акционерное общество "Лаборатория Касперского" System and method for anti-virus scanning setting
RU2606559C1 (en) * 2015-10-22 2017-01-10 Акционерное общество "Лаборатория Касперского" System and method for optimizing of files antivirus checking
RU2610228C1 (en) * 2015-12-18 2017-02-08 Акционерное общество "Лаборатория Касперского" System and method of executing operating system process requests to file system
RU2638735C2 (en) * 2016-04-25 2017-12-15 Акционерное общество "Лаборатория Касперского" System and method of optimizing anti-virus testing of inactive operating systems
US10073968B1 (en) * 2016-06-24 2018-09-11 Symantec Corporation Systems and methods for classifying files
US9864956B1 (en) 2017-05-01 2018-01-09 SparkCognition, Inc. Generation and use of trained file classifiers for malware detection
US10305923B2 (en) 2017-06-30 2019-05-28 SparkCognition, Inc. Server-supported malware detection and protection
US10616252B2 (en) 2017-06-30 2020-04-07 SparkCognition, Inc. Automated detection of malware using trained neural network-based file classifiers and machine learning
US10242189B1 (en) * 2018-10-01 2019-03-26 OPSWAT, Inc. File format validation
RU2702053C1 (en) * 2018-12-28 2019-10-03 Акционерное общество "Лаборатория Касперского" Method of reducing load on scanning subsystem by deduplicating file scanning
RU2726878C1 (en) * 2019-04-15 2020-07-16 Акционерное общество "Лаборатория Касперского" Method for faster full antivirus scanning of files on mobile device
US10621346B1 (en) * 2019-08-21 2020-04-14 Netskope, Inc. Efficient scanning for threat detection using in-doc markers
WO2021038704A1 (en) * 2019-08-27 2021-03-04 日本電気株式会社 Backdoor test device, backdoor test method, and non-transitory computer-readable medium
CN112613074A (en) * 2020-12-30 2021-04-06 绿盟科技集团股份有限公司 Sensitive file identification method, device, equipment and medium
US11599636B1 (en) * 2022-07-27 2023-03-07 Aurora Security Llc Systems and methods for managing and providing software packages which have undergone malware and/or vulnerability analysis
CN116186764B (en) * 2023-01-05 2023-09-15 国网山东省电力公司 Data security inspection method and system

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5649095A (en) * 1992-03-30 1997-07-15 Cozza; Paul D. Method and apparatus for detecting computer viruses through the use of a scan information cache
US5960170A (en) * 1997-03-18 1999-09-28 Trend Micro, Inc. Event triggered iterative virus detection
US6021510A (en) * 1997-11-24 2000-02-01 Symantec Corporation Antivirus accelerator
US6952776B1 (en) 1999-09-22 2005-10-04 International Business Machines Corporation Method and apparatus for increasing virus detection speed using a database
US6892303B2 (en) * 2000-01-06 2005-05-10 International Business Machines Corporation Method and system for caching virus-free file certificates
GB2368233B (en) * 2000-08-31 2002-10-16 F Secure Oyj Maintaining virus detection software
US7340774B2 (en) * 2001-10-15 2008-03-04 Mcafee, Inc. Malware scanning as a low priority task
JP2003196111A (en) * 2001-12-26 2003-07-11 Hitachi Ltd Virus check method using electronic signature
CN1647007A (en) * 2002-04-13 2005-07-27 计算机联合思想公司 System and method for detecting malicicous code
US7337471B2 (en) * 2002-10-07 2008-02-26 Symantec Corporation Selective detection of malicious computer code
US20040158730A1 (en) * 2003-02-11 2004-08-12 International Business Machines Corporation Running anti-virus software on a network attached storage device
US7398399B2 (en) * 2003-12-12 2008-07-08 International Business Machines Corporation Apparatus, methods and computer programs for controlling performance of operations within a data processing system or network
US7581253B2 (en) * 2004-07-20 2009-08-25 Lenovo (Singapore) Pte. Ltd. Secure storage tracking for anti-virus speed-up
JP2006040196A (en) * 2004-07-30 2006-02-09 Hitachi Information & Control Systems Inc Software monitoring system and monitoring method
US7882561B2 (en) * 2005-01-31 2011-02-01 Microsoft Corporation System and method of caching decisions on when to scan for malware
JP2007034623A (en) * 2005-07-26 2007-02-08 Sharp Corp Detection method for computer virus, program, recording medium with its program stored and detection device for computer virus
US7636946B2 (en) * 2005-08-31 2009-12-22 Microsoft Corporation Unwanted file modification and transactions
JP2007200102A (en) 2006-01-27 2007-08-09 Nec Corp System, program, and method for checking illegal code and illegal data
CN100535916C (en) * 2006-04-14 2009-09-02 北京瑞星国际软件有限公司 Scanning system for virus and method therefor
US7797746B2 (en) 2006-12-12 2010-09-14 Fortinet, Inc. Detection of undesired computer files in archives
CN101039177A (en) * 2007-04-27 2007-09-19 珠海金山软件股份有限公司 Apparatus and method for on-line searching virus
JP4943278B2 (en) * 2007-09-06 2012-05-30 株式会社日立製作所 Virus scanning method and computer system using the method
US20090094698A1 (en) * 2007-10-09 2009-04-09 Anthony Lynn Nichols Method and system for efficiently scanning a computer storage device for pestware
RU80037U1 (en) * 2007-10-31 2009-01-20 ЗАО "Лаборатория Касперского" ANTI-VIRUS MOBILE APPLICATIONS MANAGEMENT SYSTEM
US8255926B2 (en) * 2007-11-06 2012-08-28 International Business Machines Corporation Virus notification based on social groups

Also Published As

Publication number Publication date
JP5631988B2 (en) 2014-11-26
EP2452287A1 (en) 2012-05-16
EP2452287B1 (en) 2020-03-25
BRPI1016079A2 (en) 2016-05-10
US20120159631A1 (en) 2012-06-21
JP2012533104A (en) 2012-12-20
GB0912017D0 (en) 2009-08-19
CN102483780B (en) 2015-08-12
RU2551820C2 (en) 2015-05-27
RU2012102818A (en) 2013-08-27
GB2471716A (en) 2011-01-12
US9965630B2 (en) 2018-05-08
WO2011003958A1 (en) 2011-01-13
CN102483780A (en) 2012-05-30

Similar Documents

Publication Publication Date Title
IN2012DN00880A (en)
SG154442A1 (en) Method and apparatus for finding anomalies in finished parts and/or assemblies
WO2011139238A3 (en) System and method for directing content to users of a social networking engine
EP2595080A3 (en) Information processing apparatus, information storage apparatus, information processing system, and information processing method and program
GB2452663A (en) Method and apparatus for comparing document features using texture analysis
EP2149861A3 (en) Method, apparatus, and computer program product for improved graphics performance
WO2011035150A3 (en) Systems and methods for sharing user generated slide objects over a network
WO2012110898A3 (en) System and method for multi-scanner x-ray inspection
EP2434390A3 (en) Method of adding value to print data, a value-adding device, and a recording medium
MX2014007127A (en) Methods of calibration transfer for a testing instrument.
ATE514161T1 (en) DEVICE AND METHOD FOR COMPUTING A FINGERPRINT OF AN AUDIO SIGNAL, DEVICE AND METHOD FOR SYNCHRONIZING AND DEVICE AND METHOD FOR CHARACTERIZING A TEST AUDIO SIGNAL
SG157252A1 (en) Data quality analyzing method and system
EP2113851A3 (en) Content migration tool and method associated therewith
EP2573690A3 (en) Systems and methods for contextual analysis and segmentation using dynamically-derived topics
EP2662832A3 (en) Method, apparatus and computer program product for alignment of frames
EP2595076A3 (en) Compression of genomic data
WO2009154353A3 (en) Method for blocking harmful internet sites in real time using engine for accessing object's properties
EP2573691A3 (en) Systems and methods for contextual analysis and segmentation of information objects
EP1965312A3 (en) Information processing apparatus and method, program, and storage medium
WO2007050345A3 (en) Method and system for testing enterprise applications
WO2008126773A1 (en) Information processing system and information processing method
EP1724755A3 (en) Method and system for comparing audio signals and identifying an audio source
Eremeev et al. An algorithm for matching spatial objects of different-scale maps based on topological data analysis
WO2007095359A3 (en) Assay for distinguishing live and dead cells
EP2508027A4 (en) Method and apparatus for providing a framework for efficient scanning and session establishment