Information security analysis system
Abstract
The analysis system is a collection, configuration and integration of software programs that reside on multiple interconnected computer platforms. The software, less computer operating systems, is a combination of sensor, analysis, data conversion, and visualization programs. The hardware platforms consist of several different types of interconnected computers, which share the software programs, data files, and visualization programs via a Local Area Network (LAN). This collection and integration of software and the migration to a single computer platform results in an approach to LAN/WAN monitoring in either a passive and/or active mode. The architecture permits digital data input from external sensors for analysis, display and correlation with data and displays derived from four major software concept groups. These are: Virus Computer Code Detection; Analysis of Computer Source and Executable Code; Dynamic Monitoring of Data Communication Networks; 3-D Visualization and Animation of Data.
20 Claims
1. A method for templating and viewing virus computer code for data communications networks, comprising:
gathering from a host computer information on a bit stream of computer code prior to execution by the host computer;
generating a knowledge base of the bit stream of the computer code gathered from the host computer;
parsing the information in the knowledge base to generate data into structured files having a readable format;
analyzing the data in the structured files to derive a genetic structure and examine the functionality of suspect computer code;
comparing a plurality of genetic structures to determine the presence of a computer virus; and
visualizing the structured files to display in a user interactive graphical functional mode functionality of suspect computer code to identify the presence of a computer virus prior to execution in the host computer.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A method for templating and viewing virus computer code for data communications networks, comprising:
gathering from a host computer information on a bit stream of computer code prior to execution by the host computer;
generating a knowledge base of the bit stream of the computer code gathered from the host computer;
parsing the information in the knowledge base to generate data into structured files having a readable format;
analyzing the data in the structured files to derive a genetic structure and examine the functionality of suspect computer code;
comparing a plurality of genetic structures to determine the presence of a computer virus; and
displaying in a user interactive graphical functional mode the structured files to identify the presence of a computer virus prior to execution in the host computer.
Dependent claims: 9, 10, 11, 12, 13

14. A method for templating and viewing virus computer code for data communications networks, comprising:
gathering from a host computer information on a bit stream of computer code prior to execution by the host computer;
generating a knowledge base of the bit stream of the computer code gathered from the host computer;
analyzing the data in the knowledge base to derive a genetic structure and examine the functionality of suspect computer code;
comparing a plurality of genetic structures to determine the presence of a computer virus; and
visualizing the analyzed data to display in a user interactive graphical functional mode functionality of suspect computer code to identify the presence of a computer virus prior to execution in the host computer.
Dependent claims: 15, 16, 17

18. A method for templating and viewing virus computer code for data communications networks, comprising:
generating a knowledge base of a bit stream of a computer code;
parsing the information in the knowledge base to generate data into structured files having a readable format;
analyzing the data in the structured files to derive a genetic structure of suspect computer code to determine the presence of a computer virus;
displaying in a graphical functional mode the analyzed data to determine the presence of a computer virus prior to execution in a host computer; and
rotating the analyzed data on an axis on two or more separate but connected visual planes.

19. A method for templating and viewing virus computer code for data communications networks, comprising:
generating a knowledge base of a bit stream of a computer code;
parsing the information in the knowledge base to generate data into structured files having a readable format;
analyzing the data in the structured files to derive a genetic structure of suspect computer code to determine the presence of a computer virus;
displaying in a graphical functional mode the analyzed data to determine the presence of a computer virus prior to execution in a host computer; and
appending user definable symbols for enhancing an understanding by an operator or analyst.

20. A method for templating and viewing virus computer code for data communications networks comprising a plurality of nodes, comprising:
generating a knowledge base of a bit stream of a computer code;
parsing the information in the knowledge base to generate data into structured files having a readable format;
contracting several nodes of a data communications network into a single interconnecting common node for analysis to determine the presence of a computer virus;
analyzing the data in the structured files to derive a genetic structure of suspect computer code to determine the presence of a computer virus; and
displaying in a graphical functional mode the analyzed data to determine the presence of a computer virus prior to execution in a host computer.

Specification