Aliases: None
Technical Challenge: Most computer viruses and worms spread when untrusted code received from a network is run on a local system. Most often this code runs by some action of the user. Other times a multiple stage attack gains control and stores malicious programs on the target system such that the user might accidentally launch them. Some untrusted code exploits a programming flaw on a target system in order to force its execution without user involvement whatsoever. In any case, blocking or identifying when network-originated code is run is critical to protecting the system.
Description: Most computer viruses and worms spread when untrusted code received from a network is run on a local system. Most often this code runs by some action of the user. Other times a multiple stage attack gains control and stores malicious programs on the target system such that the user might accidentally launch them. Some untrusted code exploits a programming flaw on a target system in order to force its execution without user involvement whatsoever. In any case, blocking or identifying when network-originated code is run is critical to protecting the system. The process of this invention identifies all software that is capable of being run from the network and allows each system to treat such software differently than other, locally-stored software.
Demonstration Capability: The inventors have a proof-of-concept demonstration of the invention. A straightforward demonstration can be easily arranged.
Potential Commercial Application(s): This technology has a number of possible commercial uses. Computer viruses and worms are a “hot topic” right now and there does not appear to be any end in sight for this problem. This technology can severely limit the spread of computer viruses and worms and could both be added quickly to existing antivirus approaches and products as well as serve as the basis of new and powerful tools.
Patent Status: Patent Application has been filed with USPTO.
Reference Number: 1364
If you are interested in exploring this technology further, please call 443-445-7159 or express your interest in writing to the National Security Agency, Domestic Technology Transfer Program, 9800 Savage Road, Suite 6541, Fort George G. Meade, Maryland 20755-6541.