UPDATED: Symantec now holds a patent for histogram-based malicious code detection.
The newly patented technology offers the promise of accelerated IT security
According to the U.S Patent and Trade Office Abstract for patent number
6,971,019, the patent is for a virus-detection system
that uses a histogram to detect the presence of a computer virus in a
A histogram typically involves some form of frequency-distribution
analysis. In the case of Symantec’s patented histogram-based malicious code-detection technology, a prioritized count of instructions and behaviors is
made that identifies code as it moves across a network.
Analysis of that
movement is supposed to help make a determination as to whether there is a
threat on the network.
The inventor, Carey Nachenberg, Symantec fellow and chief architect with
Symantec Research Labs, claims that histogram-based malicious code detection
is one of the most effective and efficient ways of solving the problem of
complex threat detection.
“Without this technology, it would be extremely difficult to identify
such threats without also significantly impacting performance,” Nachenberg
said in a statement.
Symantec apparently will be keeping the histogram patented technology close to the vest.
According to Joe FitzGerald, vice president of intellectual property for Symantec, the company will not be actively seeking licenses for the histogram patents.
“To the extent that Symantec customers are licensing Symantec products that incorporate this technology, they are given a license under this patent.”