Discerning use of signatures by third party vendors
First Claim
1. A computer-implemented method of detecting use of a security vendor'"'"'s signatures by third party security vendors, the method comprising:
- anonymously providing a bait file to a third party security vendor for security detection, the bait file being a non-malware file;
providing a bait signature corresponding to the bait file that is included in a signature database of the security vendor which is made publicly available;
monitoring security detections made over a period of time by a security scanner operated by the third party security vendor, including monitoring before and after the bait signature is provided;
determining whether the scanner operated by the third party security vendor positively detected the bait file following the release of the bait signature for the bait file; and
responsive to a positive determination, detecting that the third party security vendor used the bait signature provided to detect the bait file.
2 Assignments
0 Petitions
Accused Products
Abstract
Bait files and signatures allow security software vendors to track both authorized and unauthorized usage of the security vendor'"'"'s signatures/products by third party security vendors. A bait file providing module anonymously provides a bait file to a third party security vendor for security detection, where the bait file is a non-malware file. A signature providing module provides a bait signature corresponding to the bait file that is included in a signature database which is made publicly available. A scanner monitoring module monitors security detections made over a period of time by a security scanner operated by the third party vendor. A determination module determines whether the scanner positively detected the bait file following the release of the bait signature for the bait file. A use detection module detects, in response to a positive determination, that the third party vendor used the bait signature provided to detect the bait file.
49 Citations
20 Claims
-
1. A computer-implemented method of detecting use of a security vendor'"'"'s signatures by third party security vendors, the method comprising:
-
anonymously providing a bait file to a third party security vendor for security detection, the bait file being a non-malware file; providing a bait signature corresponding to the bait file that is included in a signature database of the security vendor which is made publicly available; monitoring security detections made over a period of time by a security scanner operated by the third party security vendor, including monitoring before and after the bait signature is provided; determining whether the scanner operated by the third party security vendor positively detected the bait file following the release of the bait signature for the bait file; and responsive to a positive determination, detecting that the third party security vendor used the bait signature provided to detect the bait file. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium storing executable computer program instructions for use of a security vendor'"'"'s signatures by third party security vendors, the computer program instructions comprising instructions for performing the steps comprising:
-
anonymously providing a bait file to a third party security vendor for security detection, the bait file being a non-malware file; providing a bait signature corresponding to the bait file that is included in a signature database of the security vendor which is made publicly available; monitoring security detections made over a period of time by a security scanner operated by the third party security vendor, including monitoring before and after the bait signature is provided; determining whether the scanner operated by the third party security vendor positively detected the bait file following the release of the bait signature for the bait file; and responsive to a positive determination, detecting that the third party security vendor used the bait signature provided to detect the bait file. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer system for detecting use of a security vendor'"'"'s signatures by third party security vendors, the system comprising:
-
a non-transitory computer-readable storage medium storing executable software modules, comprising; a bait file providing module for anonymously providing a bait file to a third party security vendor for security detection, the bait file being a non-malware file; a signature providing module for providing a bait signature corresponding to the bait file that is included in a signature database of the security vendor which is made publicly available; a scanner monitoring module for monitoring security detections made over a period of time by a security scanner operated by the third party security vendor, including monitoring before and after the bait signature is provided; a determination module for determining whether the scanner operated by the third party security vendor positively detected the bait file following the release of the bait signature for the bait file; a use detection module for detecting that the third party security vendor used the bait signature provided to detect the bait file in response to a positive determination; and a processor configured to execute the software modules stored by the computer readable storage medium. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification