Kaspersky patents code-tracing technology

09 April 2010

Kaspersky has successfully patented technology that enables analysts to trace the activity of software code without infringing upon intellectual property.

The anti-malware vendor Kaspersky, which routinely analyzes software as part of its security research, has developed a method for tracing the sequence of events that happen when a set of programming instructions runs. The idea is to analyze the behavior of third-party programs without having to click through the structure of the source code and analyze it line by line, which can be time-consuming.

The patent was filed on December 19, 2008, but wasn't granted by the US Patent Office until March 30. "Identifiers of the trace tool, trace strings, and data fields and components of the diagnostic information are encoded using a coded binary language," says the patent abstract. "After monitoring execution of the program product, a trace report of the trace tool is translated for an intended recipient from the coded binary language into the human language, whereas an unauthorized access to the contents of the trace record is restricted."
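A minimal sketch of the scheme the abstract describes, added here as an illustration and not taken from the patent or from Kaspersky's code: the tracer writes only numeric identifiers and data fields, and a recipient who holds the dictionary translates the report back into human language. The record layout, the dictionary contents and the choice to restrict access by withholding the dictionary are all assumptions.

```python
import struct

# Constructed dictionary: numeric codes -> human-language text. In this sketch
# only the authorized recipient holds it (an assumption, not from the patent).
TRACE_TOOLS = {1: "file_monitor", 2: "net_monitor"}
TRACE_STRINGS = {
    10: "opened handle {0} with flags {1}",
    20: "connected to port {0}, sent {1} bytes",
}

# Record layout (constructed): tool id, string id, field count, then u32 fields.
HEADER = struct.Struct("<BHB")


def emit(tool_id, string_id, *fields):
    """Tracer side: write identifiers and data fields as coded binary only."""
    return HEADER.pack(tool_id, string_id, len(fields)) + struct.pack(
        f"<{len(fields)}I", *fields)


def parse(report):
    """Split a binary trace report into (tool_id, string_id, fields) tuples."""
    records, offset = [], 0
    while offset < len(report):
        if len(report) - offset < HEADER.size:
            raise ValueError("truncated record header")
        tool_id, string_id, count = HEADER.unpack_from(report, offset)
        offset += HEADER.size
        if len(report) - offset < 4 * count:
            raise ValueError("truncated data fields")
        fields = struct.unpack_from(f"<{count}I", report, offset)
        offset += 4 * count
        records.append((tool_id, string_id, fields))
    return records


def translate(report, tools, strings):
    """Recipient side: render each record in human language via the dictionary."""
    lines = []
    for tool_id, string_id, fields in parse(report):
        tool = tools.get(tool_id, f"tool#{tool_id}")
        template = strings.get(string_id)
        text = template.format(*fields) if template else f"string#{string_id} {list(fields)}"
        lines.append(f"[{tool}] {text}")
    return lines


# Constructed sample report, as the tracer would write it.
REPORT = emit(1, 10, 7, 2) + emit(2, 20, 443, 1500)
```

Calling `translate(REPORT, {}, {})` shows what a reader without the dictionary sees: bare codes and numbers, with no trace strings or tool names from the analyzed product.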

Obfuscating specific source code information during the analysis process broadens the range of software products that can be scanned in this way without contravening intellectual property laws, although intellectual property would not be a concern when scanning a known piece of malware to see how it operates.

According to the patent, the technology can be applied to software, firmware, and hardware; to anything, in fact, comprising computer-executable instructions. The various steps of the analysis can be implemented as separate software modules, or optionally combined into a single module.

"When implemented in software, the computer program product may be stored on or transmitted using a computer-readable recording medium adapted for storing the computer-executable instructions or transferring the computer program product from one computer to another," the patent said.

 
