×

Method and apparatus for detecting a macro computer virus using static analysis

  • US 6,697,950 B1
  • Filed: 12/22/1999
  • Issued: 02/24/2004
  • Est. Priority Date: 12/22/1999
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for detecting a macro virus in a computer system by statically analyzing macro operations within a document, comprising:

  • receiving the document containing the macro operations;

    locating the macro operations within the document;

    performing a flow analysis on the macro operations within the document to determine associated values for variables within the macro operations, wherein performing the flow analysis on the macro operations includes performing at least one of a data flow analysis and a control flow analysis;

    comparing the macro operations including the associated values for variables against a profile containing information about suspect macro operations and associated values for variables to determine whether the document contains suspect macro operations; and

    if the document contains suspect macro operations, informing a user that the document contains suspect macro operations.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×