Efficient detection of computer viruses and other data trails
The present invention provides a method of reducing the amount of memory required and improving the speed of a scan of a given data string for the presence of computer viruses or other data traits of interest. The method includes: 1. loading into a memory of a computer a set of generic features that...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng ; fre ; ger |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The present invention provides a method of reducing the amount of memory required and improving the speed of a scan of a given data string for the presence of computer viruses or other data traits of interest. The method includes: 1. loading into a memory of a computer a set of generic features that are functionally similar to standard computer virus signatures, but tend to be less specific to particular viruses, 2. locating occurrences of the generic features within the data string, 3. applying a first mapping from the occurrences located during step 2) to obtain a subset of standard signatures, 4. loading the subset of standard signatures into a memory of said computer, 5. locating occurrences within the data string of all signatures from the subset of standard signatures, and 6. applying a second mapping from the occurrences located during step 5) to identify a set of computer viruses that are likely to be present in the data string. In addition to serving as a means for efficiently detecting computer viruses, the method can be applied very generally to improving the efficiency of other applications that employ a search for multiple patterns to help determine whether a given input data string possesses any of a set of data traits of interest. |
|---|