Discrimination of malicious changes to digital information using multiple signatures
作者: David M. Chess
DOI:
关键词:
摘要: The present system and method uses information about digital (objects) to determine whether or not changes the objects were caused by a normal operation malicious program. invention reference separation algorithm separate, at time, one more into plurality of subsets that describe object contents. A these are then selected selection associated with each subset is stored. At some later called test used separate signatures contents time. algorithm. develops respective subset. compared develop set differences. Rules applied differences time was changed (maliciously) from
lens.org 参考文章(35)
R. Jeff Lee, Bruce William Watson, Method and structure for providing computer security and virus prevention ,(1991)
John Quimby, Signature data object ,(1993)
Everett W. Wolfe, Method of controlling the copying of software ,(1986)
Richard P. Jones, Computer file protection system ,(1990)
Virgil D. Gligor, Shiuh-Pyung W. Shieh, Pattern-oriented intrusion-detection system and method ,(1992)
David M. Chess, Gregory B. Sorkin, Jeffrey O. Kephart, William C. Arnold, Steve R. White, Searching for patterns in encrypted data ,(1994)
Gilles Viricel, Method for the authentication of data ,(1992)
Patrick Dyson, Method and apparatus for verifying the integrity of a file stored separately from a computer ,(1990)
Timothy W. Markison, Gary W. Grube, Detection of unauthorized use of software applications in communication units ,(1993)