Patent · US Expired

Detection of computer viruses spanning multiple data streams

US6006329A · kind A · utility

109Cited by

1References

18Claims

0Family size

Assignee

Symantec Corporation · US

Inventor

Darren Chi · Alhambra, US

Key dates

Filing date	Aug 11, 1997
Grant date	Dec 21, 1999
Priority date	—
Expiry date	Aug 11, 2017

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/564
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A computer system (100) and method detect computer viruses spanning multiple data streams. A virus signature is written in the form of a Boolean expression, where the operands of the Boolean expression are signatures of components of the virus. A processor (110) identifies data streams to be scanned and scans the identified data streams for components of viruses. Using the scan results, the processor (110) then evaluates the virus signatures, and, for any Boolean expression satisfied, the processor (110) determines that the virus corresponding to the expression exists in the scanned data streams.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.