throbber
Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 1 of 31
`Case 4:18-cv-07229—YGR Document 195-8 Filed 05/10/21 Page 1 of 31
`
`
`
`
`
`
`
`
`
`
`
`
`
`EXHIBIT 3
`
`EXHIBIT 3
`
`

`

`Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 2 of 31
`I 1111111111111111 11111 1111111111 lllll lllll 111111111111111 111111111111111111
`US008677494B2
`
`c12) United States Patent
`Edery et al.
`
`(IO) Patent No.:
`(45) Date of Patent:
`
`US 8,677,494 B2
`*Mar. 18, 2014
`
`(54) MALICIOUS MOBILE CODE RUNTIME
`MONITORING SYSTEM AND METHODS
`
`(75)
`
`Inventors: Yigal Mordechai Edery, Pardesia (IL);
`Nirmrod Itzhak Vered, Goosh
`Tel-Mand (IL); David R. Kroll, San
`Jose, CA (US); Shlomo Touboul,
`Kefar-Haim (IL)
`
`(73) Assignee: Finjan, Inc., Wilmington, DE (US)
`
`( *) Notice:
`
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`U.S.C. 154(b) by O days.
`
`This patent is subject to a terminal dis(cid:173)
`claimer.
`
`(21) Appl. No.: 13/290,708
`
`(22) Filed:
`
`Nov. 7, 2011
`
`(65)
`
`Prior Publication Data
`
`US 2012/0117651 Al
`
`May 10, 2012
`
`Related U.S. Application Data
`
`(63) Continuation of application No. 12/471,942, filed on
`May 26, 2009, now Pat. No. 8,079,086, which is a
`
`(Continued)
`
`(51)
`
`(2006.01)
`(2006.01)
`(2006.01)
`
`Int. Cl.
`H04L29/06
`G06F 11130
`G06F 15116
`(52) U.S. Cl.
`USPC ............................................. 726/24; 713/175
`( 58) Field of Classification Search
`None
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`4,562,305 A
`5,077,677 A
`
`12/1985 Gaffney, Jr.
`12/1991 Murphy et al.
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`EP
`
`7 /1994
`0636977
`7/2000
`1021276
`(Continued)
`OTHER PUBLICATIONS
`
`Zhong, et al., "Security in the Large: is Java's Sandbox Scalable?,"
`Seventh IEEE Symposium on Reliable Distributed Systems, pp. 1-6,
`Oct. 1998.
`
`(Continued)
`Primary Examiner - Christopher Revak
`(74) Attorney, Agent, or Firm - Bey & Cotropia PLLC
`ABSTRACT
`(57)
`Protection systems and methods provide for protecting one or
`more personal computers ("PCs") and/or other intermittently
`or persistently network accessible devices or processes from
`undesirable or otherwise malicious operations of Java TN
`applets, ActiveX™ controls, JavaScript™ scripts, Visual
`Basic scripts, add-ins, downloaded/uploaded programs or
`other "Downloadables" or "mobile code" in whole or part. A
`protection engine embodiment provides for monitoring infor(cid:173)
`mation received, determining whether received information
`does or is likely to include executable code, and if so, causes
`mobile protection code (MPC) to be transferred to and ren(cid:173)
`dered operable within a destination device of the received
`information. An MPC embodiment further provides, within a
`Downloadable-destination, for initiating the Downloadable,
`enabling malicious Downloadable operation attempts to be
`received by the MPC, and causing (predetermined) corre(cid:173)
`sponding operations to be executed in response to the
`attempts.
`
`18 Claims, 10 Drawing Sheets
`
`919
`
`""'
`
`Start
`
`Retrieve protection parameters and form
`mobile protection code according to the
`parameters
`
`1011
`
`Retrieve protection parameters and form
`protection policies according to the
`parameters
`
`Couple the mobile protection code,
`protection policies and received-
`information to form a protection agent (e.g.
`MPC first, policies second, and RI third)
`
`1015
`
`End
`
`

`

`Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 3 of 31
`
`US 8,677,494 B2
`Page 2
`
`Related U.S. Application Data
`
`continuation of application No. 11/370,114, filed on
`Mar. 7, 2006, now Pat. No. 7,613,926, which is a con(cid:173)
`tinuation of application No. 09/861,229, filed on May
`17, 2001, now Pat. No. 7,058,822, which is a continu(cid:173)
`ation-in-part of application No. 09/539,667, filed on
`Mar. 30, 2000, now Pat. No. 6,804,780, which is a con(cid:173)
`tinuation of application No. 08/964,388, filed on Nov. 6,
`1997, now Pat. No. 6,092,194, said application No.
`09/861,229 is a continuation-in-part of application No.
`09/551,302, filed on Apr. 18, 2000, now Pat. No. 6,480,
`962, and a continuation of application No. 08/790,097,
`filed on Jan. 29, 1997, now Pat. No. 6,167,520.
`
`(60) Provisional application No. 60/205,591, filed on May
`17, 2000, provisional application No. 60/030,639, filed
`on Nov. 8, 1996.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,263,147 A
`5,278,901 A
`5,311,591 A
`5,319,776 A
`5,359,659 A
`5,361,359 A
`5,398,196 A
`5,412,717 A
`5,414,833 A
`5,440,723 A
`5,452,442 A
`5,483,649 A
`5,485,409 A
`5,485,575 A
`5,524,238 A
`5,572,643 A
`5,579,509 A
`5,606,668 A
`5,621,889 A
`5,623,600 A
`5,623,601 A
`5,638,446 A
`5,675,711 A
`5,692,047 A
`5,692,124 A
`5,696,822 A
`5,720,033 A
`5,724,425 A
`5,740,248 A
`5,740,441 A
`5,761,421 A
`5,765,030 A
`5,765,205 A
`5,784,459 A
`5,796,952 A
`5,805,829 A
`5,809,230 A
`5,825,877 A
`5,832,208 A
`5,832,274 A
`5,850,559 A
`5,854,916 A
`5,859,966 A
`5,864,683 A
`5,867,651 A
`5,878,258 A
`5,881,151 A
`5,884,033 A
`5,889,943 A
`5,892,904 A
`5,951,698 A
`5,956,481 A
`5,958,050 A
`
`11/1993 Francisco et al.
`1/1994 Shieh et al.
`5/1994 Fischer
`6/1994 Hile et al.
`10/1994 Rosenthal
`11/1994 Tajalli et al.
`3/1995 Chambers
`5/1995 Fischer
`5/1995 Hershey et al.
`8/1995 Arnold et al.
`9/1995 Kephart
`1/1996 Kuznetsov et al.
`1/1996 Gupta et al.
`1/1996 Chess et al.
`6/1996 Miller et al.
`11/1996 Judson .......................... 709/218
`11/1996 Furtney et al.
`2/1997 Shwed
`4/1997 Lermuzeaux et al.
`4/1997 Ji et al.
`4/1997 Vu
`6/1997 Rubin
`10/1997 Kephart et al.
`11/1997 McManis
`11/1997 Holden et al.
`12/1997 Nachenberg
`2/1998 Deo
`3/1998 Chang et al.
`4/1998 Fieres et al.
`4/1998 Yellin et al.
`6/1998 Van Hoff et al.
`6/1998 Nachenberg et al.
`6/1998 Breslau et al.
`7/1998 Devarakonda et al.
`8/1998 Davis et al.
`9/1998 Cohen et al.
`9/1998 Pereira
`10/1998 Dan et al.
`11/1998 Chen et al.
`11/1998 Cutler et al.
`12/1998 Angelo et al.
`12/1998 Nachenberg
`1/1999 Hayman eta!.
`1/1999 Boebert et al.
`2/1999 Dan et al.
`3/1999 Pizi et al.
`3/1999 Yamamoto
`3/1999 Duvall et al.
`3/1999 Ji et al.
`4/1999 Atkinson et al.
`9/1999 Chen et al.
`9/1999 Walsh eta!.
`9/1999 Griffin et al.
`
`5,960,170 A
`9/1999 Chen et al.
`5,963,742 A
`10/1999 Williams
`5,964,889 A
`10/1999 Nachenberg
`5,974,549 A
`10/1999 Golan
`5,978,484 A
`11/1999 Apperson et al.
`5,983,348 A
`11/1999 Ji
`5,987,611 A
`11/1999 Freund
`6,070,239 A
`5/2000 McManis
`6,088,801 A
`7/2000 Grecsek
`6,088,803 A
`7/2000 Tso et al.
`6,092,194 A
`7/2000 Touboul
`6,125,390 A
`9/2000 Touboul
`11/2000 Touboul et al.
`6,154,844 A
`6,167,520 A
`12/2000 Touboul
`7/2001 Mueller et al.
`6,263,442 Bl
`1/2002 Beadle et al.
`6,339,829 Bl
`2/2002 Mueller et al.
`6,351,816 Bl
`7/2002 Arimilli et al.
`6,425,058 Bl
`8/2002 Arimilli et al.
`6,434,668 Bl
`8/2002 Arimilli et al.
`6,434,669 Bl
`11/2002 Touboul
`6,480,962 Bl
`11/2002 Shanklin et al.
`6,487,666 Bl
`2/2003 Devireddy et al.
`6,519,679 B2
`5/2003 Shaio et al.
`6,571,338 Bl
`7/2003 Ross et al.
`6,598,033 B2
`11/2003 Davis et al.
`6,643,696 B2
`5/2004 Brown eta!.
`6,732,179 Bl
`10/2004 Touboul
`6,804,780 Bl
`7/2005 Simon eta!.
`6,917,953 B2
`6/2006 Edery et al.
`7,058,822 B2
`11/2006 Porras et al.
`7,143,444 B2
`4/2007 Gryaznov et al.
`7,210,041 Bl
`12/2007 Buchthal et al.
`7,308,648 Bl
`3/2008 Grabarnik et al.
`7,343,604 B2
`8/2008 Touboul
`7,418,731 B2
`11/2009 Edery et al.
`7,613,926 B2
`1/2010 Edery et al.
`7,647,633 B2
`8,079,086 Bl * 12/2011 Edery et al. ..................... 726/24
`2003/0014662 Al
`1/2003 Gupta et al.
`2003/0074190 Al
`4/2003 Allison
`2003/0101358 Al
`5/2003 Porras et al.
`2004/0073811 Al
`4/2004 Sanin
`2004/0088425 Al
`5/2004 Rubinstein et al.
`2005/0050338 Al
`3/2005 Liang et al.
`2005/0172338 Al
`8/2005 Sandu et al.
`2006/0031207 Al
`2/2006 Bjarnestam et al.
`2006/0048224 Al
`3/2006 Duncan et al.
`2008/0066160 Al
`3/2008 Becker et al.
`2010/0195909 Al
`8/2010 Wasson et al.
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`EP
`JP
`WO
`WO
`WO
`WO
`WO
`
`1091276
`1132796
`08-263447
`95/27249
`95/33237
`98/21683
`2004/063948
`WO 2004/063948
`
`4/2001
`9/2001
`10/1996
`10/1995
`12/1995
`5/1998
`7/2004
`7 /2004
`
`................ G06F 1/00
`
`.............. G06F 17 /30
`
`OTHER PUBLICATIONS
`
`Rubin, et al., "Mobile Code Security," IEEE Internet, pp. 30-34, Dec.
`1998.
`Schmid, et al. "Protecting Data From Malicious Software," Proceed(cid:173)
`ing of the 18th Annual Computer Security Applications Conference,
`pp. 1-10, 2002.
`Corradi, et al., "A Flexible Access Control Service for Java Mobile
`Code," IEEE, pp. 356-365, 2000.
`International Search Report for Application No. PCT /IB97/01626, 3
`pp., May 14, 1998 (mailing date).
`International Search Report for Application No. PCT/IL05/00915, 4
`pp., dated Mar. 3, 2006.
`Written Opinion for Application No. PCT/IL05/00915, 5 pp., dated
`Mar. 3, 2006 (mailing date).
`International Search Report for Application No. PCT /IBO 1/01138, 4
`pp., Sep. 20, 2002 (mailing date).
`
`

`

`Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 4 of 31
`
`US 8,677,494 B2
`Page 3
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`International Preliminary Examination Report for Application No.
`PCT/IB0l/01138, 2 pp., dated Dec. 19, 2002.
`Sitaker, Kragen, "Rapid Genetic Evolution of Regular Expressions"
`[ online ], The Mia/Archive, Apr. 24, 2004 (retrieved on Dec. 7, 2004),
`5 pp., Retrieved from the Internet: http://www.rnail-archive.com/
`kragen-tol@canonical.org/msg00097 .html.
`"Lexical Analysis: DFA Minimization & Wrap Up" [online], Fall,
`2004 [retrieved on Mar. 2, 2005], 8 pp., Retrieved from the Internet:
`http://www.owlnet.rice.edu/-comp4 l 2/Lectures/L06Lex W rapup4.
`pdf.
`"Minimization ofDFA" [online], [retrieved on Dec. 7, 2004], 7 pp.,
`Retrieved from the Internet: http://www.cs.odu.edu/-toida/nerzic/
`390teched/regular/fa/min-fa.htrnl.
`"Algorithm: NFS-> DFA" [online], Copyright 1999-2001 [retrieved
`on Dec. 7, 2004], 4 pp., Retrieved from the Internet: http://rw4.cs.
`uni-sb.de/-ganimal/GANIFA/pagel6_e.htrn.
`"CS 3813: Introduction to Formal Languages and Automata-State
`Minimization and Other Algorithms for Finite Automata," 3 pp., May
`11, 2003, Retrieved from the Internet: http://www.cs.msstate.
`edu/-hansen/classes/38 l 3fall0 l/slides/06Minimize. pdf.
`Watson, Bruce W., "Constructing Minimal Acyclic Deterministic
`Finite Automata," [retrieved on Mar. 20, 2005], 38 pp., Retrieved
`from the Internet: http://www.win.tue.nl/-watson/2R870/down(cid:173)
`loads/rnadfa_algs.pdf.
`Chang, Chia-Hsiang, "From Regular Expressions to DFA's Using
`Compressed NFA's," Oct. 1992, 112 pp., http://www.cs.nyu.edu/
`web/Research/Theses/chang_chia-hsiang.pdf.
`"Products," Articles published on the Internet, "Revolutionary Secu(cid:173)
`rity for a New Computing Paradigm" regarding SurfinGate™, 7 pp.
`"Release Notes for the Microsoft ActiveX Development Kit," Aug.
`13, 1996, activex.adsp.or.jp/inetsdk/readme.txt, pp. 1-10.
`Doyle, et al., "Microsoft Press Computer Dictionary," Microsoft
`Press, 2d Edition, pp. 137-138, 1993.
`Finjan Software Ltd., "Powerful PC Security for the New World of
`Java™ and Downloadables, Surfin Shield™," Article published on
`the Internet by Finjan Software Ltd., 2 pp. 1996.
`Finjan Sofrtware Ltd., "FinjanAnnounces a Personal Java™ Firewall
`for Web Browsers-the SurfinShield™ 1.6 (formerly known as
`SurfinBoard)," Press Release of Finjan Releases SurfinShield 1.6, 2
`pp., Oct. 21, 1996.
`Finjan Software Ltd., "Finjan Announces Major Power Boost and
`New Features for SurfinShield™ 2.0," Las Vegas Convention Center/
`Pavillion 5 P5551, 3 pp., Nov. 18, 1996.
`Finjan Software Ltd., "Finjan Software Releases SurfinBoard, Indus(cid:173)
`try's First JAVA Security Product for the World Wide Web," Article
`published on the Internet by Finjan Software Ltd., 1 p., Jul. 29, 1996.
`Finjan Software Ltd., "Java Security: Issues & Solutions," Article
`published on the Internet by Finjan Software Ltd., 8 pp. 1996.
`Finjan Software Ltd., Company Profile, "Finjan-Safe Surfing, The
`Java Security Solutions Provider," Article published on the Internet
`by Finjan Software Ltd., 3 pp., Oct. 31, 1996.
`"IBM AntiVirus User's Guide, Version 2.4,", International Business
`Machines Corporation, pp. 6-7, Nov. 15, 1995.
`Khare, R., "Microsoft Authenticode Analyzed" [online], Jul. 22,
`1996 [retrieved on Jun. 25, 2003], 2 pp., Retrieved from the Internet:
`http://www.xent.com/FoRK-archive/smmer96/0338.htrnl.
`LaDue, M., Online Business Consultant: Java Security: Whose Busi(cid:173)
`ness is It?, Article published on the Internet, Home Page Press, Inc.,
`4 pp., 1996.
`Microsoft, "MicrosoftActiveX Software Development Kit" [ online ],
`Aug. 12, 1996 [retrieved on Jun. 25, 2003], pp. 1-6, Retrieved from
`the Internet: activex.adsp.or.jp/inetsdk/help/overview.htrn.
`Microsoft® Authenticode Technology, "Ensuring Accountability
`and Authenticity for Software Components on the Internet,"
`Microsoft Corporation, Oct. 1996, including Abstract, Contents,
`Introduction, and pp. 1-10.
`
`Microsoft Corporation, Web Page Article "Frequently Asked Ques(cid:173)
`tions About Authenticode," last updated Feb. 17, 1997, printed Dec.
`23, 1998, URL: http://www.microsoft.com/workshop/security/
`authcode/signfaq.asp#9, pp. 1-13.
`Okamoto, E., et al., "ID-Based Authentication System for Computer
`Virus Detection," IEEE/IEE Electronic Library online, Electronics
`Letters, vol. 26, Issue 15, ISSN 0013-5194, Jul. 19, 1990, Abstract
`and pp. 1169-1170, URL: http://iel.ihs.com:80/cgi-bin/iel_cgi?se ..
`2ehts%26ViewTemplate%3ddocview%5 fb%2ehts.
`Omura, J. K., "Novel Applications of Cryptography in Digital Com(cid:173)
`munications," IEEE Communications Magazine, pp. 21-29, May
`1990.
`Zhang, X. N., "Secure Code Distribution," IEEE/IEE Electronic
`Library online, Computer, vol. 30, Issue 6, pp. 76-79, Jun. 1997.
`D. Grune, et al., "Parsing Techniques: A Practical Guide," John Wiley
`& Sons, Inc., New York, New York, USA, pp. 1-326, 2000.
`Scott, et al., "Abstracting Application-Level Web Security," ACM, pp.
`396-407, 2002.
`Thunder Byte Antivirus for Windows.
`InterScan Virus Wall from Trend Micro.
`ViruSafe from Eliashim.
`Intel LANProtect from Intel.
`The Java Security Manager from Sun Microsystems.
`McAfee Web Shield.
`McAfee WebScan.
`McAfee VirusScan.
`McAfee N etShield.
`Dr. Solomon's Antivirus Toolkit for Windows 95.
`Dr. Solomon's Antivirus Toolkit for Windows NT.
`Dr. Solomon's WinGuard.
`Dr. Solomon's Virus Guard.
`Dr. Solomon's Virus Shield.
`Dr. Solomon's Virex.
`Dr. Solomon's "Merlin" Anti-Virus Engine.
`Dr. Solomon'sIMcAfee "Olympus" Anti-Virus Engine.
`ActiveX Web Tutorial.
`Java FAQ (1995-1998).
`Norton AntiVirus TUfor Windows@95 User's Guide. Published by
`Symantec in 1995. (179 pages).
`Jaeger, at al., "Building Systems that Flexibly Control Downloadable
`Executable Content," ProceedinQs of the Sixth USENIX UNIX
`Security Symposium, Jul. 1996. (19 paQes).
`Rasmusson, Andreas and Jansson, Sverker, "Personal Security Assis(cid:173)
`tance for Secure Internet Commerce," Sep. 16, 1996. (12 pages).
`Bharat et al. Migratory Applications• Nov. 15, 1995. (10 oaoes).
`Dean, Drew, et al., "Java Security: From HotJava to Netscape and
`Beyond," 1996 IEEE Symposium on Security and Privacy, May 6,
`1996. (11 pages).
`Sterbenz, Andreas, An Evaluation of the Java Security Model,• IEEE,
`Dec. 1996. fl3pages).
`Fritzinger, J. Steven, et al., Java Security,• Sun Microsystems, Dec.
`1996 (7 paQes).
`Bank Joseoh A. "Java Security," Dec. 8, 1995. (14 paoes).
`Claunch, "Java Blocking," http://groups.google.com/group/muc.
`lists.firewalls/msg/2a5ec02eOOa3707 l. Sep. 25, 1996. Accessed
`date: May 10, 2011. (2 paces).
`Chappell, •Understanding ActiveX and OLE: A Guide for Develop(cid:173)
`ers and Managers (Strategic Technology), Sep. 1, 1996, Microsoft
`Press. (91 pages).
`Crosbie, et al., "Active Defense ofa Computer System Using Autono(cid:173)
`mous Agents". Feb. 15, 1995. (14 pages).
`"Trend Micro's Virus Protection Added to Sun Microsystems Netra
`Internet Servers,"Business Wire, Oct. 1, 1996, available at http://
`www.cs.indiana. edu/ ~kinzler/pubs/viruswall.htrnl.
`"Symantec Announces Norton Antivirus 2.0 for Windows NT,"
`Symantec Corporation press release, Sep. 16, 1996, available at http:/
`Iwww.symantec.com1about/news/release/article.jsp?prid~
`19960916 01.
`"Dark Avenger Mutation Engine No Threat to Protected PCs,"
`McAfee, Inc. press elease, May 11, 1992, available at http://
`securitydigest.org/virus/mirror/www.phreak.orgvirusl/1992/
`vinl05.191.
`
`

`

`Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 5 of 31
`
`US 8,677,494 B2
`Page 4
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`"Dark Avenger Mutation Engine No Threat to Protected PCs,"
`McAfee, Inc. press elease, May 11, 1992, available at http://
`securitydigest.org/virus/mirror/www.phreak.orgvirusl/1992/
`vinl05.191.
`Gryaznov, D.O., "Scanners ofthe Year 2000: Heuristics," Proceed(cid:173)
`ings ofthe Fifth International Virus Bulletin Conference, pp. 225-234
`(1995), available at http://vxheavens.com1lib/adg00.html.
`"Symantec Announces Norton Internet Email Gateway at Internet
`World-Booth# 369 on Dec. 11, 12, and 13," Symantec Corporation
`press release, Dec. 11, 1996, available at http:/ Iwww.symantec
`. comlabout/news/release/article.jsp?prid~ 19961211_03.
`"Presenting Java," by John Dec. (1995).
`"The Java Language Specification" by Gosling, et al. ( 1996).
`"The Java Progranuning Language," by Ken Arnold and James Gos(cid:173)
`ling (1996).
`"The Java Virtual Machine Specification," by Tim Lindholm and
`FrankYellin (1997).
`"Computer Viruses and Artificial Intelligence," by David Stang (Sep.
`1995).
`"Java Security and a Firewall Extension for Authenticity Control of
`Java Applets," by Magnus Johansson (Jan. 29, 1997).
`"Static Analysis of Programs With Application to Malicious Code
`Detection," by Raymond Lo (1992).
`File History for U.S. Patent No. 6,804,780.
`"Virus Detection Alternatives," by Patrick Min (Jul. 1992).
`"Dynamic Detection and Classification of Computer Viruses Using
`General Behaviour Patterns," by LeCharlier, et al. (Sep. 1995).
`The Giant Black Book of Computer Viruses by Mark Ludwig ( 1995).
`HotJava: The Security Story.
`The Java Filter.
`"A Java Filter," by Balfanz, et al.
`"Improved JavaScript and Java Screening Function," by Claunch
`(May 4, 1996).
`"New Version of Java, JavaScript, ActiveX Screening," by Claunch
`(Jul. 3, 1996).
`"A Toolkit and Methods for Internet Firewalls," by Ranum, et al.
`"Identifying and Controlling Undesirable Program Behaviors," by
`Maria King.
`"PACLl's: An Access Control List Approach to Anti-Viral Security,"
`by Wichers, et al.
`Endrijonas, Janet, Rx PC The Anti-Virus Handbook. Published in the
`U.S. in 1993 by TAB Books, a division of McGraw-Hili, Inc. (201
`paQes).
`"Secure Code Distribution," by X. Nick Zhang (Jun. 1997).
`IBM AntiVirus User's Guide (Nov. 15, 1995).
`"Breadth of Runtime Environments and Security Make Java a Good
`Choice for the Internet" (1996).
`Omura, Jim K., "Novel Applications of Cryptography in Digital
`Communications," IEEE Communications Magazine, pp. 21-29,
`May 1990.
`Okamoto, E., et al., "ID-Based Authentication System for Computer
`Virus Detection," IEEE/IEE Electronic Library online, Electronics
`Letters, vol. 26, Issue 15, ISSN 0013-5194, Jul. 19, 1990, Abstract
`and pp. 1169-1170, URL: http:/ /iel.ihs.com:80/cgibinliel_cgi?se .
`2ehts%26ViewTemplate%3ddocview%5fb%2ehts.
`IBM AntiVirus User's Guide Version 2.4, International Business
`Machines Corporation, pp. 6-7, Nov. 15, 1995.
`Leach, Norvin, et al., "IE 3.0 Applets Will Earn Certification," PC
`Week, vol. 13, No. 29,2 pp., Jul. 22, 1996.
`"Finjan Software Releases SurfinBoard, Industry's First JAVA Secu(cid:173)
`rity product for the World Wide Web," Article published on the
`Internet by Finjan Software Ltd., 1 p., Jul. 29, 1996.
`"Powerful PC Security for the New World of JAVATM and
`Downloadables, Surfin Shield™," Article published on the Internet
`by Finjan Software Ltd., 2 pp. 1996.
`Microsoft® Authenticode Technology, "Ensuring Accountability
`and Authenticity for Software Components on the Internet,"
`Microsoft Corporation, including Abstract, Contents, Introduction,
`and pp. 1-10, Oct. 1996.
`
`Finjan Announces a Personal Java™ Firewall for Web Browsers(cid:173)
`the SurfinShield™ 1.6 (formerly known as SurfinBoard), Press
`Release ofFinjan Releases SurfinShield 1.6, 2 pp., Oct. 21, 1996.
`Company Profile, "Finjan-Safe Surfing. The Java Security Solutions
`Provider," Article published on the Internet by Finjan Software Ltd.,
`3 pp., Oct. 31, 1996.
`"Finjan Announces Major Power Boost and New Features for
`SurfinShield™ 2.0," Las Vegas Convention Center/Pavilion 5 P555 l,
`3 pp., Nov. 18, 1996.
`"Java Security: Issues & Solutions," Article published on the Internet
`by Finjan Software Ltd., 8 pp., 1996.
`"Products," Article published on the Internet, 7 pp.
`Mark LaDue, "Online Business Consultant: Java Security: Whose
`Business Is It?," Article published on the Internet, Home Page Press,
`Inc., 4 pp., 1996 .
`"Frequently Asked Questions About
`Web Page Article,
`Authenticode," Microsoft Corporation, last updated Feb. 17, 1997,
`printed Dec. 23, 2998, URL: http://www.microsoft.com/workshop/
`security/authcodee/ signfaq.asp#9, pp. 1-13.
`Zhang, X.N., "Secure Code Distribution," IEEE/IEE Electronic
`Library online, Computer vol. 30, Issue 6, pp. 76-79, Jun. 1997.
`Binstock, Andrew, "Multithreading, Hyper-Threading, Multipro(cid:173)
`cessing: Now, What's the Difference?," httn: !hlv'\v\v-inteLcom!cd/
`ids!dcvdoQcr!asmo-na/enfl/20456.htm, Pacific Data Works, LLC,
`downloaded Jul. 7, 2008, 7 pp.
`VirexPC Version 2.0 or later from Microcom.
`AntiVirus Kit From 1 stAide Software.
`FluShot+ Series of Products by Ross Greenberg.
`Symantec Antivirus ofthe Mac version 3.0 or later.
`"Synthesizing Fast Intrusion Prevention/Detection Systems From
`High-Level Specifications," by Sekar, et al. (1999).
`Art of Computer Virus Research and Defense b Peter Szor (Feb.
`2005).
`"Process Execution Controls as a Mechanism to Ensure Consis(cid:173)
`tency," by Eugen Bacic (1990).
`"Process Execution Controls: Revisited," by Bacic (1990).
`"A Flexible Access Control Service for Java Mobile Code," by Cor(cid:173)
`radi, et al. (2000).
`"Java Security: Issues & Solutions" ( 1996).
`"Microsoft Authenticode analyzed," by Rohit Khare (Jul. 22, 1996).
`"Java Security: Whose Business Is It?" by Mark LaDue (1996).
`Microsoft Authenticode Technology (Oct. 1996).
`"Mobile Code Security," by Rubin, et al.
`"Protecting Data From Malicious Software," by Schmid, et al.
`"Security in the Large: Is Java's Sandbox Scalable?" by Zhong, et al.
`(Apr. 1998).
`"A Domain and type Enforcement UNIX Prototype," by Badger, et al.
`(Jun. 1995).
`"Heuristic Anti-Virus Technology," by Frans Veldrnan.
`"Standards for Security in Open Systems," by Warwick Ford ( 1989).
`"Secure File Transfer Over TCP/IP," by Brown, et al. (Nov. 1992).
`"Standards in Commercial Security," by Nick Pope.
`"X.400 Security Features," by Tony Whyman.
`"Using CASE Tools to Improve the Security of Applications Sys(cid:173)
`tems," by Hosmer, et al. (1988).
`"Miro: Visual Specification of Security," by Reydon, et al. (Oct.
`1990).
`"An Evaluation of Object-Based Progranuning with Visual Basic," by
`Dukovic, et al. (1995).
`"Visual Basic 5.0 Significantly Improved," by W. Dennis Swift (Jun.
`1997).
`"Development of an Object Oriented Framework for Design and
`Implementation of Database Powered Distributed Web Applications
`With the DEMETER Project as a Real-Life Example," by Goschka,
`eta!. (1997).
`Detecting Unusual Program Behavior Using the Statistical Compo(cid:173)
`nent ofthe Nextgeneration Intrusion Detection Expert System
`(NIDES), by Anderson, et al. (May 1995).
`"A Generic Virus Scanner in C++," by Kumar, et al. (Sep. 17, 1992).
`"A Model for Detecting the Existence of Software Corruption in Real
`Time," by Voas, et al. ( 1993).
`"Protection Against Trojan Horses by Source Code Analysis," by
`Saito, et al. (Mar. 1993).
`
`

`

`Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 6 of 31
`
`US 8,677,494 B2
`Page 5
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`Intelligence," by Righard
`
`"Information Agents for Automated Browsing," by Dharap, et al.
`(1996).
`"Static Analysis Virus Detection Tools for Unix Systems," by
`Kerchen, et al. (1990).
`"Managing Trust in an Information-Labeling System," by Blaze, et
`al. (Nov. 4, 1996).
`List of Secure Internet Progranuning Publications from www.cs.
`printceton.edu.
`"A Guide to the Selection of Anti-Virus Tools and Techniques," by
`Polk, et al. (Dec. 2, 1992).
`"An Integrated Toolkit for Operating System Security," by Rabin, et
`al. (Aug. 1988).
`"A Web Navigator With Applets in Cami," by Francois Ronaix (May
`1996).
`"Intel Launches Virus Counterattack," by Charles Bruno (Aug.
`1992).
`Intel LANProtect Software User's Guide (1992).
`"Parents Can Get PC Cruise Control," by George Mannes (Jul. 1996).
`"A New Techniques for Detecting Polymorphic Computer Viruses,"
`by Carey Nachenberg (1995).
`"Heuristic Scanners: Artificial
`Zwienenberg (Sep. 1995).
`Intel LANProtect, 30-Day Test Drive Version User's Manual.
`Slade, Robert, "Guide to Computer Viruses: How to a void Them,
`How to Get Rid of Them, and How to Get Help" (Apr. 1996).
`A Pathology of Computer Viruses by David Ferbranche (Nov. 1994).
`Earl Boebert's post to the greatcircle firewalls mailing list. Taken
`from
`http://www.greatcircle.com/lists/firewalls/archive/firewalls.
`199410 (Oct. 16, 1994).
`CSL Bulletin: Connecting to the Internet: Security Considerations.
`Taken
`from http://csrc.nist.gov/publications/nistbul/csl93-07 .txt
`(Jul. 1993).
`FAQ: Interscan ViruswalL Taken from http://\veb,archive.org/web/
`1997060 50 5033 l/www .. antivirus.corn/faq/finterscanfaq.htrnl
`(last
`updated Aug. 8, 1996).
`Network Security and SunScreen SPF-1OO: Technical White Paper,
`Sun Microsystems, 1995.
`"Why Do We Need Heuristics?" by Frans Veldman (Sep. 1995).
`"Leading Content Security Vendors Announce Support for Check
`Point F irewall-1.3 .0; New Partners for Anti-Virus Protection, URL
`Screening and Java Security," Business Wire, Oct. 7, 1996, available
`at http://www.allbusiness.comltechnolo gyl computernetworks(cid:173)
`computer -networksecurity 1727 4315-1.htrnl#ixzz 1 gkbKf4g 1.
`"McAfee Introduces Web shield; Industry's First Secure Anti-Virus
`Solution for Network Firewalls: Border Network Technologies and
`Secure Computing to Enter into Web Shield OEM Agreements,"
`Business Wire, May 14, 1996, available at http://findarticles.com1p/
`articles/mi_mOEINiis_l 996_May _l 4/ai_l 82834 561.
`"Trend Micro Announces Virus and Security Protection for Microsoft
`Proxy Server; Also Blocks Java Applets, ActiveX," Business Wire,
`Oct.
`29,
`1996,
`available
`at
`http://www.thefreelibrary.
`com!Trend+Micro+announces+virus+and+security+protection+
`for+MicrosofL.-aOI88 l 0512.
`F inj an' s Opposition to Websense' s Renewed Motion for Judgment as
`aMatterofLaw, dated Dec. 21, 2012, filedinFinjan,lnc. v. Symantec
`Corp., Sophos, Inc., and Websense, Inc., CA. No. 10-cv-593 (OMS).
`Declaration of Paul Batcher Re Websense, Inc.s. Proffer of Evidence
`Re Laches, dated.Dec. 19, 2012, filed in Finjan, Inc. v. Symantec
`Corp., Sophos, Inc., and Websense, Inc., CA. No. 10-cv-593 (OMS)
`(Redacted Dec. 26, 2012).
`Opposition to Symantec's Motion for JMOL, dated Dec. 17, 2012,
`filed in Finjan, Inc. v. Symantec Corp., Sophos, Inc., and Websense,
`Inc., CA. No. 10-cv-593 (OMS) (Redacted Dec. 27, 2012).
`Omura, Jim K., "Novel Applications of Crypotgraphy in Digital
`Communications," IEEE Communications Magazine, pp. 21-29,
`May 1990.
`Okamoto, E., et al., "ID-Based Authentication System for Computer
`Virus Detection," IEEEI IEE Electronic Library online, Electronics
`Letters, vol. 26, Issue 15, ISSN 0013-5194, Jul. 19, 1990, Abstract
`
`http://iel.ihs.com:80/cgibin/iel
`1169-1170, URL:
`pp.
`and
`cgi?se ... 2ehts%26ViewTemplate%3ddocview%5fb%ehts.
`IBM AntiVirus User's Ouide Version 2.4, International Business
`Machines Corporation, pp. 6-7, Nov. 15, 1995.
`Leach, Norvin, et al., "IE 3.0 Applets Will Earn Certification," PC
`Week, vol. 13, No. 29, 2 pp., Jul. 22, 1996.
`Finjan Announces a Personal Javal98 Firewall for Web Browsers(cid:173)
`the SurfinShield™ 1.6 (formerly known as SurfinBoard), Press
`Release ofFinjan Releases SurfinShield 1.6,2 pp., Oct. 21, 1996.
`Web Page Article,
`"Frequently Asked Questions About
`Authenticode," Microsoft Corporation, last updated Feb. 17, 1997,
`printed Dec. 23, 1998, URL: http://www.microsoft.com/workshop/
`security/authcodee/ signfaq.asp#9, pp. 1-13.
`Binstock, Andrew, "Multithreading, Hyper-Threading, Multipro(cid:173)
`cessing: Now, What's the Difference?," http://www.intel.com/cd/ids/
`developer/asmo-na/eng/20456.htm, Pacific Data Works, LLC, down(cid:173)
`loaded Jul. 7, 2008,7 pp.
`"Frequently Asked Questions About Authenticode," Microsoft Cor(cid:173)
`poration, updated Feb. 17, 1997.
`"WWWProxyto Cut Off Java," by Carl Claunch (Apr. 12, 1996).
`"Combating Viruses Heuristically," by Frans Veldman (Sep. 1993).
`"MCF: A Malicious Code Filter," by Lo, et al. (May 4, 1994).
`Anti-Virus Tools and Techniques for Computer Systems by Polk, et
`al. (1995).
`"Dynamic Detection and Classification of Computer Viruses Using
`General Behaviour Patterns," by LeCharlier, et al. (Jul. 2, 1995).
`"Towards a Testbed for Malicious Code Detection," by Lo, et al.
`(1991).
`"Blocking Java Applets at the Firewall," by Martin, et al.
`Virus Detection and Elimination by Rune Skardhamar (1996).
`Computer Viruses and Anti-Virus Warfare by Jan Hruska (1992).
`"Active Content Security," by Brady, et al. (Dec. 13, 1999).
`"Low Level Security in Java," by Frank Yellin.
`"Email With a Mind oflts Own: The Safe-Tel Language for Enabled
`Mail," by Nathaniel Borenstein.
`"Mobile Agents: Are They a Good Idea?" by Chess, et al. (Dec. 21,
`1994).
`"Remote Evaluation," by Stamos, et al. (Oct. 1990).
`"Active Message Processing: Messages as Messengers," by John
`Vittal (1981).
`"Progranuning Languages for Distributed Computing Systems," by
`Bal, et al. (Sep. 1989).
`"Scripts and Agents: The New Software High Ground," by John
`Ousterhout (Oct. 20, 1995).
`"The HotJava Browser: A White Paper".
`The Java Virtual Machine Specification, Sun Microsystems (Aug. 21,
`1995).
`"Security of Web Browser Scripting Languages: Vulnerabilities,
`Attacks and Remedies," by Anupam, et al. (Jan. 1998).
`"ActiveX and Java: The Next Virus Carriers?".
`"Gateway Level Corporate Security for the New World of Java and
`Downloadables" (1996).
`"Practical Domain and Type Enforcement for UNIX," by Badger, et
`al. (1995).
`"A Sense of Self for Unix Processes," by Forrest, et al. ( 1996).
`"Antivirus Scanner Analysis 1995," by Marko Helenius (1995).
`"State Transition Analysis: A Rule-Based Intrusion Detection
`Approach," by Ilgun, et al. (Mar. 1995).
`"Automated Detection of Vulnerabilities in Privileged Programs by
`Execution Monitoring," by Ko, et al. (1994).
`"Execution Monitoring of Security-Critical Programs in Distributed
`Systems: A Specification-Based Approach," by Ko, et al. (1997).
`"Classification and Detection of Computer Intrusions," by Sandeep
`Kumar (Aug. 1995).
`ThunderBYTE Anti-Virus Utilities User Manual (1995).
`Doyle, et al., "Microsoft Press Computer Dictionary," Microsoft
`Press, 2nd Edition, pp. 137-138,1993.
`Schmitt, D.A., ".EXE files, OS-2 style," PC Tech Journal, vol. 6, No.
`11, p. 76(13), Nov. 1988.
`International Search Report for Application No. PCT/IB97/01626,
`dated May 14, 1999,2 pp.
`Supplementary European Search Report for Application No. EP 97
`950351, dated Nov. 17, 2004,2 pp.
`
`

`

`Case 4:18-cv-07229-YGR Document 195-8 Filed 05/10/21 Page 7 of 31
`
`US 8,677,494 B2
`Page 6
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`File History for Canadian Application No. 2,275,771, 84 pp.
`File History for European Application No. 97950351.3, 58 pp.
`File History for Japanese Application No. 10-522345,48 pp.
`Lemay, Laura, et al., "Approach of Java Language, Applet, A WT and
`Advanced Apparatus," First Edition, 25 pp. (translated), Aug. 20,
`1996(CS-NB-1999-00238-001).
`Order Construing the Terms of U.S. Patent Nos. 6,092,194;
`6,804,780; 7,058,822; 6,357,010; and 7,185,361,4 pp., Dec. 11,
`2007.
`PlaintiflFinjan Software, Ltd. 's Opening Claim Construction Brief,
`38 pp., Sep. 7, 2007.
`Defendant Secure Computing Corporation's Opening Claim Con(cid:173)
`struction Brief, 46 pp., Sep. 7, 2007.
`PlaintiflFinjan Software, Ltd. 's A

This document is available on Docket Alarm but you must sign up to view it.


Or .

Accessing this document will incur an additional charge of $.

After purchase, you can access this document again without charge.

Accept $ Charge
throbber

Still Working On It

This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.

Give it another minute or two to complete, and then try the refresh button.

throbber

A few More Minutes ... Still Working

It can take up to 5 minutes for us to download a document if the court servers are running slowly.

Thank you for your continued patience.

This document could not be displayed.

We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.

Your account does not support viewing this document.

You need a Paid Account to view this document. Click here to change your account type.

Your account does not support viewing this document.

Set your membership status to view this document.

With a Docket Alarm membership, you'll get a whole lot more, including:

  • Up-to-date information for this case.
  • Email alerts whenever there is an update.
  • Full text search for other cases.
  • Get email alerts whenever a new case matches your search.

Become a Member

One Moment Please

The filing “” is large (MB) and is being downloaded.

Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.

Your document is on its way!

If you do not receive the document in five minutes, contact support at support@docketalarm.com.

Sealed Document

We are unable to display this document, it may be under a court ordered seal.

If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.


Access Government Site

We are redirecting you
to a mobile optimized page.





Document Unreadable or Corrupt

Refresh this Document
Go to the Docket

We are unable to display this document.

Refresh this Document
Go to the Docket