Real-time in-line detection of malicious code in data streams
US7802303B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 30, 2006 |
| Grant date | Sep 21, 2010 |
| Priority date | — |
| Expiry date | Jul 22, 2029 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/564
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
In one embodiment, a data stream is scanned for presence of computer viruses using a stream-based protocol parser, a stream-based decoder/decompressor, and a stream-based pattern matching engine. The protocol parser may be configured to extract application layer content from the data stream to generate a file stream. The protocol parser may stream the file stream to the decoder/decompressor, which may decode/decompress the file stream to generate a plain stream. The decoder/decompressor may stream the plain stream to the pattern matching engine, which in turn may scan the plain stream for viruses. Advantageously, the aforementioned components may perform its function as soon as streaming data becomes available, without having to wait for the entirety of the data.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.