WO1998045778A3 - Antivirus system and method - Google Patents

Antivirus system and method Download PDF

Info

Publication number
WO1998045778A3
WO1998045778A3 PCT/IL1998/000170 IL9800170W WO9845778A3 WO 1998045778 A3 WO1998045778 A3 WO 1998045778A3 IL 9800170 W IL9800170 W IL 9800170W WO 9845778 A3 WO9845778 A3 WO 9845778A3
Authority
WO
WIPO (PCT)
Prior art keywords
processor
predefined
behaviour
detect
suspect
Prior art date
Application number
PCT/IL1998/000170
Other languages
French (fr)
Other versions
WO1998045778A2 (en
Inventor
Marc Zuta
Original Assignee
Marc Zuta
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Marc Zuta filed Critical Marc Zuta
Priority to AU68507/98A priority Critical patent/AU6850798A/en
Publication of WO1998045778A2 publication Critical patent/WO1998045778A2/en
Publication of WO1998045778A3 publication Critical patent/WO1998045778A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/567Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring

Abstract

In an antivirus multiprocessor system, a second processor (2) is attached to a first processor (11) for monitoring its performance and intervening if predefined behaviour thereof is detected. The second processor (2) includes means for continuously supervising the operation of the first processor (11) to detect virus-related activities therein by comparing therein actual performed instructions in the first processor (11) with instruction sequences corresponding to known viruses or to predefined suspect behaviour, to prevent damage to the application processor. A plurality of sensors is used to detect suspect activity in various media like radio frequency or wireless RF, serial or parallel communication channels.
PCT/IL1998/000170 1997-04-08 1998-04-08 Antivirus system and method WO1998045778A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU68507/98A AU6850798A (en) 1997-04-08 1998-04-08 Antivirus system and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IL120632 1997-04-08
IL12063297A IL120632A0 (en) 1997-04-08 1997-04-08 Multiprocessor system and method

Publications (2)

Publication Number Publication Date
WO1998045778A2 WO1998045778A2 (en) 1998-10-15
WO1998045778A3 true WO1998045778A3 (en) 1998-12-30

Family

ID=11070011

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL1998/000170 WO1998045778A2 (en) 1997-04-08 1998-04-08 Antivirus system and method

Country Status (3)

Country Link
AU (1) AU6850798A (en)
IL (1) IL120632A0 (en)
WO (1) WO1998045778A2 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
USRE43157E1 (en) 2002-09-12 2012-02-07 Xatra Fund Mx, Llc System and method for reassociating an account number to another transaction account
US8924310B2 (en) 1999-08-31 2014-12-30 Lead Core Fund, L.L.C. Methods and apparatus for conducting electronic transactions
USRE45416E1 (en) 2001-07-10 2015-03-17 Xatra Fund Mx, Llc Processing an RF transaction using a routing number
US9031880B2 (en) 2001-07-10 2015-05-12 Iii Holdings 1, Llc Systems and methods for non-traditional payment using biometric data
US9336634B2 (en) 2001-07-10 2016-05-10 Chartoleaux Kg Limited Liability Company Hand geometry biometrics on a payment device
US9454752B2 (en) 2001-07-10 2016-09-27 Chartoleaux Kg Limited Liability Company Reload protocol at a transaction processing entity

Families Citing this family (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4812168B2 (en) 1999-02-15 2011-11-09 ヒューレット・パッカード・カンパニー Trusted computing platform
EP1055990A1 (en) * 1999-05-28 2000-11-29 Hewlett-Packard Company Event logging in a computing platform
EP1056010A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company Data integrity monitoring in trusted computing entity
CA2753375C (en) * 1999-08-31 2015-09-22 American Express Travel Related Services Company, Inc. Methods and apparatus for conducting electronic transactions
EP1410129A2 (en) * 2000-02-07 2004-04-21 Panacya, Inc. Computer security system identifying suspect behavior
US20020026605A1 (en) * 2000-04-06 2002-02-28 Terry Robert F. System and method for real time monitoring and control of a computer machine environment and configuration profile
US9213836B2 (en) 2000-05-28 2015-12-15 Barhon Mayer, Batya System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages
GB2411747B (en) * 2000-05-28 2005-10-19 Secureol System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US7263616B1 (en) 2000-09-22 2007-08-28 Ge Medical Systems Global Technology Company, Llc Ultrasound imaging system having computer virus protection
GB2372594B (en) 2001-02-23 2004-10-06 Hewlett Packard Co Trusted computing environment
US7249112B2 (en) 2002-07-09 2007-07-24 American Express Travel Related Services Company, Inc. System and method for assigning a funding source for a radio frequency identification device
US7673343B1 (en) 2001-07-26 2010-03-02 Mcafee, Inc. Anti-virus scanning co-processor
US7665137B1 (en) 2001-07-26 2010-02-16 Mcafee, Inc. System, method and computer program product for anti-virus scanning in a storage subsystem
US6792543B2 (en) 2001-08-01 2004-09-14 Networks Associates Technology, Inc. Virus scanning on thin client devices using programmable assembly language
FR2830638A1 (en) * 2001-10-05 2003-04-11 France Telecom Detection of attacks, especially virus type attacks, on a computer system, whereby a generic method is used that is capable of detecting attack programs hidden in data chains that are loaded into memory by a detectable instruction
JP3914757B2 (en) * 2001-11-30 2007-05-16 デュアキシズ株式会社 Apparatus, method and system for virus inspection
US7761605B1 (en) 2001-12-20 2010-07-20 Mcafee, Inc. Embedded anti-virus scanner for a network adapter
US8185943B1 (en) 2001-12-20 2012-05-22 Mcafee, Inc. Network adapter firewall system and method
EP1333350A1 (en) * 2002-01-30 2003-08-06 STMicroelectronics Limited Memory security device
SE0203098D0 (en) * 2002-10-17 2002-10-17 Zacharis Sahlberg Net-safe
US8171551B2 (en) * 2003-04-01 2012-05-01 Mcafee, Inc. Malware detection using external call characteristics
EP1665715B1 (en) * 2003-09-11 2019-05-22 Bae Systems Plc Real-time network monitoring and security
DE102005014837B4 (en) 2004-08-02 2007-08-30 Mahltig, Holger Security module and method for controlling and controlling a data traffic of a personal computer
US8201243B2 (en) 2006-04-20 2012-06-12 Webroot Inc. Backwards researching activity indicative of pestware
US20070250818A1 (en) * 2006-04-20 2007-10-25 Boney Matthew L Backwards researching existing pestware
US8181244B2 (en) * 2006-04-20 2012-05-15 Webroot Inc. Backward researching time stamped events to find an origin of pestware
US8190868B2 (en) 2006-08-07 2012-05-29 Webroot Inc. Malware management through kernel detection
US11489857B2 (en) 2009-04-21 2022-11-01 Webroot Inc. System and method for developing a risk profile for an internet resource
CN102576392B (en) * 2009-10-31 2014-12-17 惠普发展公司,有限责任合伙企业 Malicious code detection
US8832837B2 (en) * 2012-06-29 2014-09-09 Mcafee Inc. Preventing attacks on devices with multiple CPUs
US9852290B1 (en) 2013-07-12 2017-12-26 The Boeing Company Systems and methods of analyzing a software component
US9396082B2 (en) 2013-07-12 2016-07-19 The Boeing Company Systems and methods of analyzing a software component
EP3588353B1 (en) * 2014-04-30 2021-08-18 The Boeing Company Systems and methods of analyzing a software component
GB2540949B (en) * 2015-07-31 2019-01-30 Arm Ip Ltd Probabilistic Processor Monitoring
US11481492B2 (en) 2017-07-25 2022-10-25 Trend Micro Incorporated Method and system for static behavior-predictive malware detection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5414833A (en) * 1993-10-27 1995-05-09 International Business Machines Corporation Network security system and method using a parallel finite state machine adaptive active monitor and responder
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5491791A (en) * 1995-01-13 1996-02-13 International Business Machines Corporation System and method for remote workstation monitoring within a distributed computing environment
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5414833A (en) * 1993-10-27 1995-05-09 International Business Machines Corporation Network security system and method using a parallel finite state machine adaptive active monitor and responder
US5491791A (en) * 1995-01-13 1996-02-13 International Business Machines Corporation System and method for remote workstation monitoring within a distributed computing environment

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
COHEN F.: "CURRENT BEST PRACTICE AGAINST COMPUTER VIRUSES.", PROCEEDINGS OF THE ANNUAL INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY. TAIPEI, OCT. 1 - 3, 1991., NEW YORK, IEEE., US, vol. CONF. 25, 1 January 1991 (1991-01-01), US, pages 261 - 270., XP002913268, ISBN: 978-0-7803-0120-7, DOI: 10.1109/CCST.1991.202223 *
LADKIN P., THIMBLEBY H.: "COMMENTS ON A PAER BY VAOS, PAYNE AND COHEN: "A MODEL FOR DETECTINGTHE EXISTENCE OF SOFTWARE CORRUPTION IN REAL TIME".", COMPUTERS & SECURITY., ELSEVIER SCIENCE PUBLISHERS. AMSTERDAM., NL, vol. 13., 1 January 1994 (1994-01-01), NL, pages 527 - 531., XP002913267, ISSN: 0167-4048, DOI: 10.1016/0167-4048(91)90140-9 *
QASEM I. R., ET AL.: "COMPUTER VIRUSES: DETECTION AND PREVENTION TECHNIQUES.", TECHNOLOGIES TODAY AND TOMORROW. NEW ORLEANS, APRIL 1 - 4, 1990., NEW YORK, IEEE., US, vol. -, 1 January 1990 (1990-01-01), US, pages 199/200., XP002913269 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8924310B2 (en) 1999-08-31 2014-12-30 Lead Core Fund, L.L.C. Methods and apparatus for conducting electronic transactions
US8938402B2 (en) 1999-08-31 2015-01-20 Lead Core Fund, L.L.C. Methods and apparatus for conducting electronic transactions
US9519894B2 (en) 1999-08-31 2016-12-13 Gula Consulting Limited Liability Company Methods and apparatus for conducting electronic transactions
USRE45416E1 (en) 2001-07-10 2015-03-17 Xatra Fund Mx, Llc Processing an RF transaction using a routing number
US9031880B2 (en) 2001-07-10 2015-05-12 Iii Holdings 1, Llc Systems and methods for non-traditional payment using biometric data
US9336634B2 (en) 2001-07-10 2016-05-10 Chartoleaux Kg Limited Liability Company Hand geometry biometrics on a payment device
US9454752B2 (en) 2001-07-10 2016-09-27 Chartoleaux Kg Limited Liability Company Reload protocol at a transaction processing entity
USRE43157E1 (en) 2002-09-12 2012-02-07 Xatra Fund Mx, Llc System and method for reassociating an account number to another transaction account

Also Published As

Publication number Publication date
IL120632A0 (en) 1997-08-14
WO1998045778A2 (en) 1998-10-15
AU6850798A (en) 1998-10-30

Similar Documents

Publication Publication Date Title
WO1998045778A3 (en) Antivirus system and method
BR0309288A (en) Detection and action against malicious code in corporate networks
WO2000001299A8 (en) System and method for detecting atrial events of a heart
WO2004092907A3 (en) Extensible sensor monitoring, alert processing and notification system and method
WO2008082767A3 (en) Active lifestyle management
WO2003090037A3 (en) System and method for management of a shared frequency band
WO2004051590A3 (en) Surveillance system with identification correlation
DE60213836D1 (en) MONITORING SYSTEM, VEHICLE MONITORING SYSTEM, MONITORING PROCEDURE, MONITORING PROGRAM, THIS CONTAINING COMPUTER READABLE RECORDING MEDIUM
WO2003048725A3 (en) Techniques for early detection of localized exposure to an agent active on a biological population
AU2003226029A1 (en) Method and apparatus for automatic pest trap report generation and for recording additional trap parameter data
CA2402269A1 (en) Regeneration device of exhaust gas purification filter and filter regeneration method
WO2004042524A3 (en) Ids with analyzer to determine intrusion characteristics
WO2004032177A3 (en) Apparatus and method for use of optical system with plasma proc essing system
JPS55138634A (en) Fault diagnosis apparatus of apparatus
WO2004093370A3 (en) Distributed power management
EP1349128A3 (en) System for monitoring an inhabited environment
CA2454223A1 (en) An airborne security manager
WO2006019736A3 (en) System and method for harmonizing changes in user activities, device capabilities and presence information
WO2002034571A3 (en) Method and apparatus for vehicle operator performance assessment and improvement
ATE288573T1 (en) PRODUCT TRACEABILITY SYSTEM
WO2005024598A3 (en) Method and system for securing and monitoring a wireless network
AU2003258973A1 (en) System and method for detecting unauthorized wireless access points
WO2004023696A3 (en) Scaling using gain factors for use in data detection for wireless code division multiple access communication systems
ATE349814T1 (en) COMBINED SEARCH AND RADIO CALL MONITORING WITH OFFLINE STORAGE OF SAMPLES
EP1437701A3 (en) System, controller and method of detecting a hazardous condition within an enclosure having a ventilation system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

ENP Entry into the national phase

Ref country code: US

Ref document number: 1998 205341

Date of ref document: 19981208

Kind code of ref document: A

Format of ref document f/p: F

AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: CA

NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 1998542562

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase