System and methods for adaptive model generation for detecting intrusions in computer systems

US Patent 7225343 — System and methods for adaptive model generation for detecting intrusions in computer systems

Abstract: A system and methods for detecting intrusions in the operation of a computer system comprises a sensor configured to gather information regarding the operation of the computer system, to format the information in a data record having …

Disk-level Malware Detection

Nathanael Paul, Adrienne Felt, David Evans, Sudhanva Gurumurthi; University of Virginia

Modern disk drive processors are now capable of general purpose computation, and we can harness this new power to implement malware detection directly on the disk drive. All data flowing to and from the hard drive must pass through the disk drive processor. This key property makes the disk processor the final line of defense against malware, since it is privy to the low-level behavior of viruses that wish to alter data on the host. Disk-level malware detection uses the disk processor to identify threats based on patterns of I/O requests.
