System, method and computer program product for conditionally updating a security program

US 6,785,820 B1
Filed: 04/02/2002
Issued: 08/31/2004
Est. Priority Date: 04/02/2002
Status: Expired due to Term

First Claim

Patent Images

1. A method for updating security software on a client, comprising:

receiving a parameter associated with a security update file; and

conditionally updating a security program with the security update file based on the parameter;

wherein the parameter identifies a difference between the security update file and a previous security update file;

wherein the security program is conditionally updated with the security update file based on a test involving the parameter;

wherein the parameter represents at least one of a risk and a prevalency associated with a virus that the security update file is capable of detecting;

wherein an array of parameters is received and summed, and the security program is conditionally updated with the security update file based on the summed parameters;

the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer program product are provided for updating security software on a client. Initially, a parameter indicating a difference between a security update file and a previous security update file is identified. Next, a security program is conditionally updated with the security update file based on the parameter.

Citations

22 Claims

1. A method for updating security software on a client, comprising:
- receiving a parameter associated with a security update file; and
  
  conditionally updating a security program with the security update file based on the parameter;
  
  wherein the parameter identifies a difference between the security update file and a previous security update file;
  
  wherein the security program is conditionally updated with the security update file based on a test involving the parameter;
  
  wherein the parameter represents at least one of a risk and a prevalency associated with a virus that the security update file is capable of detecting;
  
  wherein an array of parameters is received and summed, and the security program is conditionally updated with the security update file based on the summed parameters;
  
  the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 21, 22)
- - 2. The method as recited in claim 1, wherein each parameter represents an additional priority associated with the security update file.
  - 3. The method as recited in claim 1, wherein each parameter represents a size change of the security update file.
  - 4. The method as recited in claim 1, wherein each parameter represents an additional cost associated with the security update file.
  - 5. The method as recited in claim 1, wherein each of the parameters of the array corresponds with one or more records of the security update file.
  - 6. The method as recited in claim 5, wherein the security program is conditionally updated with the one or more records of the security update file based on the associated parameter.
  - 7. The method as recited in claim 1, wherein the array of parameters is expandable.
  - 8. The method as recited in claim 1, wherein each parameter is customizable.
  - 9. The method as recited in claim 1 wherein the parameters include a number of new records in the security update file.
  - 10. The method as recited in claim 1, wherein each parameter associated with the security update file is received each time the security update file is updated.
  - 11. The method as recited in claim 1, wherein the test further involves a threshold.
  - 12. The method as recited in claim 11, wherein the threshold is updated by a user.
  - 13. The method as recited in claim 11, wherein the threshold is selected based on the security program.
  - 14. A method as recited in claim 1, wherein the security program is conditionally updated depending on a history of each parameter.
  - 21. The method as recited in claim 1, wherein the parameters are summed by forcing summing to restart.
  - 22. The method as recited in claim 1, wherein the parameters are summed by extrapolating data to predict values of parameters in a missed update.

15. A computer program product for updating security software, comprising:
- computer code for receiving a parameter associated with a security update file; and
  
  computer code for conditionally updating a security program with the security update file based oil the parameter;
  
  wherein the parameter identifies a difference between the security update file and a previous security update file;
  
  wherein the security program is conditionally updated with the security update file based on a test involving the parameter;
  
  wherein the parameter represents at least one of a risk and a prevalency associated with a virus that the security update file is capable of detecting;
  
  wherein an array of parameters is received and summed, and the security program is conditionally updated with the security update file based on the summed parameters;
  
  the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

16. A system for updating security software, comprising:
- logic for receiving a parameter associated with a security update file; and
  
  logic for conditionally updating a security program with the security update file based on the parameter;
  
  wherein the parameter identifies a difference between the security update file and a previous security update file;
  
  wherein the security program is conditionally updated with the security update file based on a test involving the parameter;
  
  wherein the parameter represents at least one of a risk and a prevalency associated with a virus that the security update file is capable of detecting;
  
  wherein an array of parameters is received and summed, and the security program is conditionally updated with the security update file based on the summed parameters;
  
  the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

17. A data structure stored in memory capable of being used for updating security software, comprising:
- a parameter object associated with a security update file;
  
  wherein a security program is conditionally updated with the security update file based on the parameter object, and the parameter object identifies a difference between the security update file and a previous security update file;
  
  wherein the security program is conditionally updated with the security update file based on a test involving the parameter object;
  
  wherein an array of parameter objects is received and summed, and the security program is conditionally updated with the security update file based on the summed parameter objects;
  
  the parameter objects being selected from the group consisting of a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

18. A method for updating security software utilizing a server, comprising:
- assigning a parameter to a security update file; and
  
  providing access to the parameter;
  
  wherein a security program is conditionally updated with the security update file based on the parameter, and the parameter identifies a difference between the security update file and a previous security update file;
  
  wherein the security program is conditionally updated with the security update file based on a test involving the parameter;
  
  wherein the parameter represents at least one of a risk and a prevalency associated with a virus that the security update file is capable of detecting;
  
  wherein an array of parameters is received and summed, and the security program is conditionally updated with the security update file based on the summed parameters;
  
  the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

19. A method for updating security software, comprising:
- downloading parameters representing at least one aspect of one or more records of a security update file, wherein at least one of the parameters identifies a difference between one or more records of the security update file and the corresponding one or more records of a previous security update file with respect to the at least one aspect;
  
  summing the parameters; and
  
  conditionally updating a security program with the one or more records of the security update file based on the sum of parameters;
  
  wherein the security program is conditionally updated with the security update file based on a test involving the sum;
  
  wherein the sum represents a risk and a prevalency associated with a virus that the security update file is capable of detecting;
  
  the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

20. A method for updating security software, comprising:
- clearing a sum;
  
  determining whether parameters are available each representing at least one aspect of one or more records of a virus signature update file, wherein the parameters identify a difference between one or more records of the virus signature update file and the corresponding one or more records of a previous virus signature update file with respect to the at least one aspect;
  
  downloading the parameters if the parameters are determined to be available;
  
  summing the parameters;
  
  identifying an anti-virus security program associated with the downloaded parameters;
  
  looking up a threshold corresponding with the anti-virus security program associated with the downloaded parameters; and
  
  for each of the records of the virus signature update file, performing a test involving the summed parameters associated with the current record and the threshold, if the test is passed, downloading the virus signature update file, installing the virus signature update file in the anti-virus security program, and clearing the sum;
  
  wherein the parameter represents at least one of a risk and a prevalency associated with a virus that the security update file is capable of detecting;
  
  the parameters including a number of new mass-mailing viruses, a severity of added field viruses, a number of new field false alarms, a severity of the false alarms, a number of new name changes in the update, a number of new entries in the update, a number of crash reports for the update, and a performance degradation in the update.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
Networks Associates Technology, Inc. (McAfee, LLC)
Inventors
Schmugar, Craig D., Gulletten, Vincent P., Muttik, Igor G.
Primary Examiner(s)
Barron, Gilberto
Assistant Examiner(s)
Lanier, Benjamin E.

Application Number

US10/115,379
Time in Patent Office

882 Days
Field of Search

713/191, 713/189, 713/188, 713/200, 719/192, 707/203
US Class Current

726/24
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

Y10S 707/99953   Recoverability

Y10S 707/99954   Version management

System, method and computer program product for conditionally updating a security program

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and computer program product for conditionally updating a security program

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links