On GameSpot: Final Fantasy XIII to sell 6 million?
BNET Business Network:
BNET
TechRepublic
ZDNet
16 TalkBacks

By Matt Hines
Posted on ZDNet News: Mar 2, 2005 8:29:00 PM

Security specialist Symantec said Wednesday it has been granted a U.S. patent for the threat-detection technology built into its software products.

The technology, described in the patent as "data-driven detection of viruses," is used to uncover complex viruses, worms and spyware. Symantec features the tool throughout its software lineup for the business and consumer markets, and it is one of the central elements of the company's desktop, server and gateway products.

The company said the patented technology remains one of its most powerful tools for identifying new threats. Its researchers use the code to write simple programs for scanning and emulating executable files, and for working with complex threats such as self-mutating viruses, Symantec said.

Traditional antivirus software works by scanning the regions of a particular file that are most likely to contain a virus, typically the top or bottom of the file. Symantec said its tools are able to identify more complex threats, because they enable researchers to comb through other portions, such as the middle of a file. It also helps search for threats that have been spread across a file in an effort to cloak themselves from antivirus tools.

The detection tools were created by Carey Nachenberg, chief architect at Symantec Research Labs, who has been behind 16 security-related patents in the last eight years. Nachenberg said that he and his colleagues at Symantec, based in Cupertino, Calif., have been working on the antivirus technology since the mid-'90s.

The researcher likened the antivirus technology to the noninvasive MRI scanners being adopted in the medical field, which improve on their coffinlike predecessors by allowing doctors to focus on a specific area of the body, rather than trying to scrutinize the entire physique at once.

"Unfortunately, the latest infections are much more complex, they mutate themselves, polymorph themselves, inject themselves in the middle of a file or spread their infection throughout a file," Nachenberg said. "All of this is making it very difficult for traditional antivirus scanners to detect an infection, because the infection is located or spread into regions where you wouldn't expect to see them."

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 16 Talkback(s)
theyre trying to monopolize, sounds like
its M$ymantec. welcome to the new MicroStuff Symantec windows antivirus. with our product you can remove all those new and nasty bugs that rose up since our new innovation in virus scanning technolo... (Read the rest)
Posted by: linuxoverwindows Posted on: 03/03/05 You are currently: a Guest | | Terms of Use
I'm missing the patent point... what's so special about it  el1jones | 03/02/05
You probably did not miss anything, it is just that easy to get a patent.  DonnieBoy | 03/02/05
And you can write off the lunch, too!  Hugh Jass | 03/02/05
To do it reasonably fast...  No_Ax_to_Grind | 03/02/05
Funny you mention copying hard drives..  Patrick Jones | 03/03/05
yep  linuxoverwindows | 03/03/05
Man, people patenting ways to protect yourself.  DonnieBoy | 03/02/05
What happens to other products that perform the same function?  Hugh Jass | 03/02/05
Depends how they do it.  No_Ax_to_Grind | 03/02/05
i need to go search...  linuxoverwindows | 03/03/05
And yet, I don't see you doing it.  No_Ax_to_Grind | 03/02/05
So...  BitTwiddler | 03/03/05
theyre taking the M$ approach  linuxoverwindows | 03/03/05
Patent office has some issues  Sunny Jalolly | 03/03/05
Re: Patent office has some issues  jezter~ | 03/03/05
theyre trying to monopolize, sounds like  linuxoverwindows | 03/03/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here