[go: up one dir, main page]

WO1998045778A3 - Antivirus system and method - Google Patents

Antivirus system and method Download PDF

Info

Publication number
WO1998045778A3
WO1998045778A3 PCT/IL1998/000170 IL9800170W WO9845778A3 WO 1998045778 A3 WO1998045778 A3 WO 1998045778A3 IL 9800170 W IL9800170 W IL 9800170W WO 9845778 A3 WO9845778 A3 WO 9845778A3
Authority
WO
WIPO (PCT)
Prior art keywords
processor
predefined
behaviour
detect
suspect
Prior art date
Application number
PCT/IL1998/000170
Other languages
French (fr)
Other versions
WO1998045778A2 (en
Inventor
Marc Zuta
Original Assignee
Marc Zuta
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Marc Zuta filed Critical Marc Zuta
Priority to AU68507/98A priority Critical patent/AU6850798A/en
Publication of WO1998045778A2 publication Critical patent/WO1998045778A2/en
Publication of WO1998045778A3 publication Critical patent/WO1998045778A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/567Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

In an antivirus multiprocessor system, a second processor (2) is attached to a first processor (11) for monitoring its performance and intervening if predefined behaviour thereof is detected. The second processor (2) includes means for continuously supervising the operation of the first processor (11) to detect virus-related activities therein by comparing therein actual performed instructions in the first processor (11) with instruction sequences corresponding to known viruses or to predefined suspect behaviour, to prevent damage to the application processor. A plurality of sensors is used to detect suspect activity in various media like radio frequency or wireless RF, serial or parallel communication channels.
PCT/IL1998/000170 1997-04-08 1998-04-08 Antivirus system and method WO1998045778A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU68507/98A AU6850798A (en) 1997-04-08 1998-04-08 Antivirus system and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IL120632 1997-04-08
IL12063297A IL120632A0 (en) 1997-04-08 1997-04-08 Multiprocessor system and method

Publications (2)

Publication Number Publication Date
WO1998045778A2 WO1998045778A2 (en) 1998-10-15
WO1998045778A3 true WO1998045778A3 (en) 1998-12-30

Family

ID=11070011

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL1998/000170 WO1998045778A2 (en) 1997-04-08 1998-04-08 Antivirus system and method

Country Status (3)

Country Link
AU (1) AU6850798A (en)
IL (1) IL120632A0 (en)
WO (1) WO1998045778A2 (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7303120B2 (en) 2001-07-10 2007-12-04 American Express Travel Related Services Company, Inc. System for biometric security using a FOB
US7314164B2 (en) 2004-07-01 2008-01-01 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
US7314165B2 (en) 2004-07-01 2008-01-01 American Express Travel Related Services Company, Inc. Method and system for smellprint recognition biometrics on a smartcard
US7325724B2 (en) 2004-07-01 2008-02-05 American Express Travel Related Services Company, Inc. Method for registering a biometric for use with a smartcard
US7341181B2 (en) 2004-07-01 2008-03-11 American Express Travel Related Services Company, Inc. Method for biometric security using a smartcard
US7363504B2 (en) 2004-07-01 2008-04-22 American Express Travel Related Services Company, Inc. Method and system for keystroke scan recognition biometrics on a smartcard
US7360689B2 (en) 2001-07-10 2008-04-22 American Express Travel Related Services Company, Inc. Method and system for proffering multiple biometrics for use with a FOB
US7505941B2 (en) 1999-08-31 2009-03-17 American Express Travel Related Services Company, Inc. Methods and apparatus for conducting electronic transactions using biometrics
US7543738B1 (en) 2001-07-10 2009-06-09 American Express Travel Related Services Company, Inc. System and method for secure transactions manageable by a transaction account provider
US7578448B2 (en) 2001-07-10 2009-08-25 Blayn W Beenau Authorizing radio frequency transactions using a keystroke scan
US7594612B2 (en) 2004-07-01 2009-09-29 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using retinal scan recognition
US7639116B2 (en) 2001-07-10 2009-12-29 Peter D Saunders Converting account data associated with a radio frequency device
USRE43157E1 (en) 2002-09-12 2012-02-07 Xatra Fund Mx, Llc System and method for reassociating an account number to another transaction account
US8924310B2 (en) 1999-08-31 2014-12-30 Lead Core Fund, L.L.C. Methods and apparatus for conducting electronic transactions
USRE45416E1 (en) 2001-07-10 2015-03-17 Xatra Fund Mx, Llc Processing an RF transaction using a routing number
US9031880B2 (en) 2001-07-10 2015-05-12 Iii Holdings 1, Llc Systems and methods for non-traditional payment using biometric data
US9454752B2 (en) 2001-07-10 2016-09-27 Chartoleaux Kg Limited Liability Company Reload protocol at a transaction processing entity
US10810098B2 (en) 2015-07-31 2020-10-20 Arm Ip Limited Probabilistic processor monitoring

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4812168B2 (en) 1999-02-15 2011-11-09 ヒューレット・パッカード・カンパニー Trusted computing platform
EP1056010A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company Data integrity monitoring in trusted computing entity
EP1055990A1 (en) * 1999-05-28 2000-11-29 Hewlett-Packard Company Event logging in a computing platform
MXPA02002081A (en) * 1999-08-31 2004-07-30 American Express Travel Relate Methods and apparatus for conducting electronic transactions.
EP1410129A2 (en) * 2000-02-07 2004-04-21 Panacya, Inc. Computer security system identifying suspect behavior
WO2001077794A2 (en) * 2000-04-06 2001-10-18 Granite Technologies, Inc. System and method for real time monitoring and control of a computer machine environment and configuration profile
US9213836B2 (en) 2000-05-28 2015-12-15 Barhon Mayer, Batya System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages
GB2411748B (en) * 2000-05-28 2005-10-19 Secureol System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US7263616B1 (en) 2000-09-22 2007-08-28 Ge Medical Systems Global Technology Company, Llc Ultrasound imaging system having computer virus protection
GB2372594B (en) 2001-02-23 2004-10-06 Hewlett Packard Co Trusted computing environment
US7665137B1 (en) 2001-07-26 2010-02-16 Mcafee, Inc. System, method and computer program product for anti-virus scanning in a storage subsystem
US7673343B1 (en) 2001-07-26 2010-03-02 Mcafee, Inc. Anti-virus scanning co-processor
US6792543B2 (en) 2001-08-01 2004-09-14 Networks Associates Technology, Inc. Virus scanning on thin client devices using programmable assembly language
FR2830638A1 (en) * 2001-10-05 2003-04-11 France Telecom Detection of attacks, especially virus type attacks, on a computer system, whereby a generic method is used that is capable of detecting attack programs hidden in data chains that are loaded into memory by a detectable instruction
JP3914757B2 (en) * 2001-11-30 2007-05-16 デュアキシズ株式会社 Apparatus, method and system for virus inspection
US8185943B1 (en) 2001-12-20 2012-05-22 Mcafee, Inc. Network adapter firewall system and method
US7761605B1 (en) 2001-12-20 2010-07-20 Mcafee, Inc. Embedded anti-virus scanner for a network adapter
EP1333350A1 (en) * 2002-01-30 2003-08-06 STMicroelectronics Limited Memory security device
SE0203098D0 (en) * 2002-10-17 2002-10-17 Zacharis Sahlberg Net-safe
US8171551B2 (en) * 2003-04-01 2012-05-01 Mcafee, Inc. Malware detection using external call characteristics
GB2406485B (en) * 2003-09-11 2006-09-13 Detica Ltd Real-time network monitoring and security
DE102005014837B4 (en) 2004-08-02 2007-08-30 Mahltig, Holger Security module and method for controlling and controlling a data traffic of a personal computer
US20070250818A1 (en) * 2006-04-20 2007-10-25 Boney Matthew L Backwards researching existing pestware
US8181244B2 (en) * 2006-04-20 2012-05-15 Webroot Inc. Backward researching time stamped events to find an origin of pestware
US8201243B2 (en) 2006-04-20 2012-06-12 Webroot Inc. Backwards researching activity indicative of pestware
US8190868B2 (en) 2006-08-07 2012-05-29 Webroot Inc. Malware management through kernel detection
US11489857B2 (en) 2009-04-21 2022-11-01 Webroot Inc. System and method for developing a risk profile for an internet resource
WO2011053324A1 (en) * 2009-10-31 2011-05-05 Hewlett-Packard Development Company, L.P. Malicious code detection
US8832837B2 (en) 2012-06-29 2014-09-09 Mcafee Inc. Preventing attacks on devices with multiple CPUs
US9852290B1 (en) 2013-07-12 2017-12-26 The Boeing Company Systems and methods of analyzing a software component
US9396082B2 (en) 2013-07-12 2016-07-19 The Boeing Company Systems and methods of analyzing a software component
EP2942728B1 (en) * 2014-04-30 2019-09-11 The Boeing Company Systems and methods of analyzing a software component
US11481492B2 (en) 2017-07-25 2022-10-25 Trend Micro Incorporated Method and system for static behavior-predictive malware detection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5414833A (en) * 1993-10-27 1995-05-09 International Business Machines Corporation Network security system and method using a parallel finite state machine adaptive active monitor and responder
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5491791A (en) * 1995-01-13 1996-02-13 International Business Machines Corporation System and method for remote workstation monitoring within a distributed computing environment
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5414833A (en) * 1993-10-27 1995-05-09 International Business Machines Corporation Network security system and method using a parallel finite state machine adaptive active monitor and responder
US5491791A (en) * 1995-01-13 1996-02-13 International Business Machines Corporation System and method for remote workstation monitoring within a distributed computing environment

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
COHEN F.: "CURRENT BEST PRACTICE AGAINST COMPUTER VIRUSES.", PROCEEDINGS OF THE ANNUAL INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY. TAIPEI, OCT. 1 - 3, 1991., NEW YORK, IEEE., US, vol. CONF. 25, 1 January 1991 (1991-01-01), US, pages 261 - 270., XP002913268, ISBN: 978-0-7803-0120-7, DOI: 10.1109/CCST.1991.202223 *
LADKIN P., THIMBLEBY H.: "COMMENTS ON A PAER BY VAOS, PAYNE AND COHEN: "A MODEL FOR DETECTINGTHE EXISTENCE OF SOFTWARE CORRUPTION IN REAL TIME".", COMPUTERS & SECURITY., ELSEVIER SCIENCE PUBLISHERS. AMSTERDAM., NL, vol. 13., 1 January 1994 (1994-01-01), NL, pages 527 - 531., XP002913267, ISSN: 0167-4048, DOI: 10.1016/0167-4048(91)90140-9 *
QASEM I. R., ET AL.: "COMPUTER VIRUSES: DETECTION AND PREVENTION TECHNIQUES.", TECHNOLOGIES TODAY AND TOMORROW. NEW ORLEANS, APRIL 1 - 4, 1990., NEW YORK, IEEE., US, vol. -, 1 January 1990 (1990-01-01), US, pages 199/200., XP002913269 *

Cited By (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8938402B2 (en) 1999-08-31 2015-01-20 Lead Core Fund, L.L.C. Methods and apparatus for conducting electronic transactions
US9519894B2 (en) 1999-08-31 2016-12-13 Gula Consulting Limited Liability Company Methods and apparatus for conducting electronic transactions
US7505941B2 (en) 1999-08-31 2009-03-17 American Express Travel Related Services Company, Inc. Methods and apparatus for conducting electronic transactions using biometrics
US8924310B2 (en) 1999-08-31 2014-12-30 Lead Core Fund, L.L.C. Methods and apparatus for conducting electronic transactions
US9031880B2 (en) 2001-07-10 2015-05-12 Iii Holdings 1, Llc Systems and methods for non-traditional payment using biometric data
US7637434B2 (en) 2001-07-10 2009-12-29 Blayn W Beenau Registering a biometric for radio frequency transactions
US7360689B2 (en) 2001-07-10 2008-04-22 American Express Travel Related Services Company, Inc. Method and system for proffering multiple biometrics for use with a FOB
US7543738B1 (en) 2001-07-10 2009-06-09 American Express Travel Related Services Company, Inc. System and method for secure transactions manageable by a transaction account provider
US9336634B2 (en) 2001-07-10 2016-05-10 Chartoleaux Kg Limited Liability Company Hand geometry biometrics on a payment device
US7303120B2 (en) 2001-07-10 2007-12-04 American Express Travel Related Services Company, Inc. System for biometric security using a FOB
US7506818B2 (en) 2001-07-10 2009-03-24 Xatra Fund Mx, Llc Biometrics for radio frequency payment transactions
USRE45416E1 (en) 2001-07-10 2015-03-17 Xatra Fund Mx, Llc Processing an RF transaction using a routing number
US7639116B2 (en) 2001-07-10 2009-12-29 Peter D Saunders Converting account data associated with a radio frequency device
US7500616B2 (en) 2001-07-10 2009-03-10 Xatra Fund Mx, Llc Authenticating fingerprints for radio frequency payment transactions
US9454752B2 (en) 2001-07-10 2016-09-27 Chartoleaux Kg Limited Liability Company Reload protocol at a transaction processing entity
US7578448B2 (en) 2001-07-10 2009-08-25 Blayn W Beenau Authorizing radio frequency transactions using a keystroke scan
US7506819B2 (en) 2001-07-10 2009-03-24 Xatra Fund Mx, Llc Biometric security using a fob
USRE43157E1 (en) 2002-09-12 2012-02-07 Xatra Fund Mx, Llc System and method for reassociating an account number to another transaction account
US7451925B2 (en) 2004-07-01 2008-11-18 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
US7494058B2 (en) 2004-07-01 2009-02-24 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using voiceprint recognition
US7530493B2 (en) 2004-07-01 2009-05-12 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using iris scan recognition
US7533827B2 (en) 2004-07-01 2009-05-19 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using signature recognition
US7510115B2 (en) 2004-07-01 2009-03-31 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using auditory scan recognition
US7506806B2 (en) 2004-07-01 2009-03-24 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using fingerprint recognition
US7594612B2 (en) 2004-07-01 2009-09-29 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using retinal scan recognition
US7597265B2 (en) 2004-07-01 2009-10-06 American Express Travel Related Services Company, Inc. Method and system for vascular scan recognition with a smartcard
US7497375B2 (en) 2004-07-01 2009-03-03 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using smellprint recognition
US7523860B2 (en) 2004-07-01 2009-04-28 American Express Travel Related Services Company, Inc. Smartcard transaction method and system using facial scan recognition
US7451924B2 (en) 2004-07-01 2008-11-18 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
US7445149B2 (en) 2004-07-01 2008-11-04 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
US7438234B2 (en) 2004-07-01 2008-10-21 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
US7363504B2 (en) 2004-07-01 2008-04-22 American Express Travel Related Services Company, Inc. Method and system for keystroke scan recognition biometrics on a smartcard
US7341181B2 (en) 2004-07-01 2008-03-11 American Express Travel Related Services Company, Inc. Method for biometric security using a smartcard
US7325724B2 (en) 2004-07-01 2008-02-05 American Express Travel Related Services Company, Inc. Method for registering a biometric for use with a smartcard
US7314165B2 (en) 2004-07-01 2008-01-01 American Express Travel Related Services Company, Inc. Method and system for smellprint recognition biometrics on a smartcard
US7314164B2 (en) 2004-07-01 2008-01-01 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
US10810098B2 (en) 2015-07-31 2020-10-20 Arm Ip Limited Probabilistic processor monitoring

Also Published As

Publication number Publication date
AU6850798A (en) 1998-10-30
WO1998045778A2 (en) 1998-10-15
IL120632A0 (en) 1997-08-14

Similar Documents

Publication Publication Date Title
WO1998045778A3 (en) Antivirus system and method
IL164609A0 (en) Detecting and countering malicious code in enterprise networks
WO2000001299A8 (en) System and method for detecting atrial events of a heart
WO2004092907A3 (en) Extensible sensor monitoring, alert processing and notification system and method
WO2008082767A3 (en) Active lifestyle management
ID29048A (en) DISCLOSURE OF MONITOR RELATIONSHIP ON CALLER
DE60213836D1 (en) MONITORING SYSTEM, VEHICLE MONITORING SYSTEM, MONITORING PROCEDURE, MONITORING PROGRAM, THIS CONTAINING COMPUTER READABLE RECORDING MEDIUM
CA2402269A1 (en) Regeneration device of exhaust gas purification filter and filter regeneration method
WO2005011183A3 (en) System and method for wake on wireless lan
WO2004042524A3 (en) Ids with analyzer to determine intrusion characteristics
WO2004092925A3 (en) Method and system for detecting characteristics of a wireless network
JPS55138634A (en) Fault diagnosis apparatus of apparatus
WO2004093370A3 (en) Distributed power management
CY1110603T1 (en) SYSTEM AND METHOD FOR DETECTION OF UNAUTHORIZED WIRELESS ACCESS POINTS
CA2285058A1 (en) Coincidence detection method, products and apparatus
EP1349128A3 (en) System for monitoring an inhabited environment
WO2005057233A3 (en) Method and system for monitoring a selected region of an airspace associated with local area networks of computing devices
WO2004029883A3 (en) Methods and systems for collecting and processing data in association with machine operation and maintenance
AU1111900A (en) Combined searching and page monitoring using offline sample storage
EP1437701A3 (en) System, controller and method of detecting a hazardous condition within an enclosure having a ventilation system
EP1047224A3 (en) Network security monitor and method of monitoring
CA2392498A1 (en) Monitor, system and method for monitoring performance of a scheduler
WO2004089208A8 (en) Microwave based monitoring system and method
WO2004070509A3 (en) Detecting and protecting against worm traffic on a network
EP1065213A3 (en) HCV polymerase suitable for crystal structure analysis and method for using the enzyme

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

ENP Entry into the national phase

Ref country code: US

Ref document number: 1998 205341

Date of ref document: 19981208

Kind code of ref document: A

Format of ref document f/p: F

AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: CA

NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 1998542562

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase