Stealth Anti-Malware

IP.com Disclosure Number: IPCOM000207168D
Publication Date: 2011-May-18
Document File: 4 page(s) / 53K

Publishing Venue

The IP.com Prior Art Database

Abstract

Recent targeted attacks against large enterprises use malware with advanced capabilities for bypassing or turning off key components of Anti-Malware software before carrying out malicious activity. The proposed "Stealth Anti-Malware" software is a concept for a new defense against these attacks, in which the Anti-Malware is invisible, so that malware can neither detect it nor tamper with it. In short, the proposed software is as hidden, and operates as covertly, as malware itself.

This text was extracted from a Microsoft Word document.
This is the abbreviated version, containing approximately 53% of the total text.

Abdul Aziz

Symantec Corporation

Copyright © 2010, 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. For a full list of Symantec trademarks, please visit http://www.symantec.com/about/profile/policies/trademarks/currentlist.jsp


Problem Statement

A lot of effort goes into making Anti-Malware software. But once the Anti-Malware product is on the market, it is reverse-engineered by hackers, and ways are found to break or bypass key modules such as the Scanning Engine. Malware developers then build these hacks into their malware to bypass or disable the Anti-Malware programs on target machines before carrying out the malicious activity. A strong recent example in the industry is the Stuxnet worm. The worm was designed to detect the Anti-virus software run...