1
Carey S Nachenberg: Dynamic heuristic method for detecting computer viruses using decryption exploration and evaluation phases. Symantec Corporation, Fenwick & West, March 12, 2002: US06357008 (329 worldwide citation)

A method for detecting computer viruses comprising three phases: a decryption phase, an exploration phase, and an evaluation phase. A purpose of the decryption phase is to emulate a sufficient number of instructions to allow an encrypted virus to decrypt its viral body. A purpose of the exploration ...


2
Ray Soon Waldin Jr, Carey Nachenberg: Multi-tiered incremental software updating. Symantec Corporation, Fenwick & West, April 18, 2000: US06052531 (258 worldwide citation)

A software application (110) is updated to a newer version by means of incremental update patches (122). The incremental update patches (122) each contain that information necessary to transform one version of an application to another version. Any version of an application (110) may be upgraded to ...


3
Bruce McCorkendale, Peter Ferrie: Using a hypervisor to provide computer security. Symantec Corporation, Fenwick & West, August 9, 2011: US07996836 (253 worldwide citation)

A computer includes a virtual machine controlled by a hypervisor. The virtual machine runs a virtualized operating system with running processes. A security initialization module sets the state in the virtual machine to pass execution from the virtual machine to the hypervisor responsive to a proces ...


4
Darren Chi: Detection and elimination of macro viruses. Symantec Corporation, Fenwick & West, November 2, 1999: US05978917 (239 worldwide citation)

Apparatus and method for detecting the presence of macro viruses within a digital computer (1). An application program (5) is associated with the digital computer (1). A global environment (13) is associated with the application program (5). The application program (5) generates at least one local d ...


5
Paul M Agbabian: Security management system including feedback and control. Symantec Corporation, Gunnison McKay & Hodgson L, December 30, 2008: US07472422 (229 worldwide citation)

A system uses automatic feedback and control to secure a network infrastructure by iterative convergence of the network's security structure to meet a security policy. Following initialization, a security feedback control system of the security management system makes dynamic adjustments to the syst ...


6
Carey Nachenberg: Polymorphic virus detection module. Symantec Corporation, Fenwick & West, December 9, 1997: US05696822 (215 worldwide citation)

A Polymorphic Anti-Virus Module (PAM) (200) comprises a CPU emulator (210) for emulating the target program, a virus signature scanning module (250) for scanning decrypted virus code, and an emulation control module (220), including a static exclusion module (230), a dynamic exclusion module (240), ...


7
Douglas B Moran: System and method for analyzing filesystems to detect intrusions. Symantec Corporation, Van Pelt & Yi, November 11, 2003: US06647400 (205 worldwide citation)

A system and method are disclosed for detecting intrusions in a host system on a network. The intrusion detection system comprises an analysis engine configured to use continuations and apply forward- and backward-chaining using rules. Also provided are sensors, which communicate with the analysis e ...


8
Ray Waldin, Carey Nachenberg: Antivirus accelerator for computer networks. Symantec Corporation, Fenwick & West, July 25, 2000: US06094731 (203 worldwide citation)

System, method, and computer readable medium for examining a file (1) associated with an originating computer (2) to determine whether a virus is present within the file (1). File (1) contains at least one sector and is scanned by an antivirus module (3). An identification and hash value of each sca ...


9
Carey S Nachenberg: Polymorphic virus detection module. Symantec Corporation, Fenwick & West, October 20, 1998: US05826013 (194 worldwide citation)

A Polymorphic Anti-virus Module (PAM) (200) comprises a CPU emulator (210) for emulating the target program, a virus signature scanning module (250) for scanning decrypted virus code, and an emulation control module (220), including a static exclusion module (230), a dynamic exclusion module (240), ...


10
John L Schacher: System and method for producing a drag-and-drop object from a popup menu item. Symantec Corporation, Gideon Gimlan, Fliesler Dubb Meyer & Lovejoy, December 14, 1999: US06002402 (184 worldwide citation)

A method and apparatus are provided in conjunction with a graphical user interface (GUI) for producing drag-and-drop objects (317b) from one or more choice-items (317a) presented in a choice-listing menu of a source application program (314). The so-produced drag-and-drop object is dropped onto a re ...