Systems, methods, and media for detecting and disrupting malcode in electronic documents
- Summary
- Lead Inventors: Salvatore J. Stolfo, Ph.D.
- Problem or Unmet Need: Malcode embedded within documents provides a convenient means of attacking systems. Electronic documents are some of the most commonly used files, and detecting malcode embedded in them can be extremely difficult due to the complexity of modern document formats. Document processing applications do not have the capacity to effectively screen for malcode, which facilitates the rapid spread of infections. Improved security measures are required to detect, and therefore prevent, the spread of malcode contained within documents. This invention includes a method for detecting and disrupting malcode in electronic documents. The technology uses an arbitrary data transformation (ADT) to change the value of data segments in documents; this damages any malcode hidden in the document. Malcode that has been damaged in this way will fail, introducing a system exception that is easily detected. The ADT is reversible, allowing the original document to remain uncompromised in cases where no malcode is detected. The technique depends on knowledge of the structure of the document binary format being tested.
- Technology Benefits
- Current technologies are insufficient for protection from embedded malcode
  - Novel method of detecting and disrupting malcode may solve this problem
- Can be used as a module incorporated into currently existing document processing applications
  - A study focusing on Microsoft Word revealed detection of 11 out of 15 attacks, and disablement of 3 of these
- Not dependent on any one type of document
  - Can be used, for example, for Microsoft Office documents or HTML documents, making it broadly applicable
- No learning phase required
- Does not damage the document being tested
- Technology Application
- Detection of malcode in a variety of electronic document types
  - Incorporation into document processing applications (e.g., Microsoft Word) for integrated protection
  - Standalone application that can be set to automatically scan different types of documents
- Disruption of malcode in a variety of electronic document types
  - The ADT damages malcode, rendering it harmless
- Detailed Technology Description
- This invention includes a method for detecting and disrupting malcode in electronic documents. The technology uses an arbitrary data transformation (ADT) to change the value of data segments in documents; this damages any malcode hidden in the ...
- Inquiry
- Calvin Chu, Columbia Technology Ventures, Tel: (212) 854-8444, Email: TechTransfer@columbia.edu
- IR
- M09-018
- Web Links
- WIPO: WO/2010/062437
- Country/Region
- USA
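
The reversible transformation of data segments described in the Summary, as an added Python example that is not code from the invention or the patent filing. The toy container format, the `D` data tag and the byte-wise add-mod-256 transform are all assumptions chosen for illustration; the example shows why the structure of the format must be known (only data segments are changed) and that the inverse restores the document exactly.

```python
import struct

# Constructed toy container, NOT a real document format: each segment is
# 1-byte tag + 2-byte big-endian length + payload. Tag b"D" marks a data
# segment (safe to transform); any other tag is structural and left intact.
DATA_TAG = b"D"

def build(segments):
    """Serialize [(tag, payload), ...] into the toy container."""
    return b"".join(t + struct.pack(">H", len(p)) + p for t, p in segments)

def parse(blob):
    """Yield (tag, payload) pairs; reject truncated input."""
    pos = 0
    while pos < len(blob):
        if pos + 3 > len(blob):
            raise ValueError("truncated segment header")
        tag = blob[pos:pos + 1]
        (length,) = struct.unpack(">H", blob[pos + 1:pos + 3])
        payload = blob[pos + 3:pos + 3 + length]
        if len(payload) != length:
            raise ValueError("truncated segment payload")
        yield tag, payload
        pos += 3 + length

def adt(blob, key, inverse=False):
    """Apply (or undo) a byte-wise add-mod-256 shift on data segments only."""
    shift = -key if inverse else key
    out = []
    for tag, payload in parse(blob):
        if tag == DATA_TAG:
            payload = bytes((b + shift) % 256 for b in payload)
        out.append((tag, payload))
    return build(out)

# Constructed sample: a header segment plus a data segment carrying marker
# bytes that stand in for content embedded in the data.
EMBEDDED = b"\xde\xad\xbe\xef"
DOC = build([(b"H", b"toy-doc-v1"), (DATA_TAG, b"hello" + EMBEDDED)])

if __name__ == "__main__":
    changed = adt(DOC, key=0x5A)
    print("embedded bytes survive transform:", EMBEDDED in changed)
    print("round trip restores original:", adt(changed, 0x5A, inverse=True) == DOC)
```
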

