JP2012511847A - System and method for classification of unwanted or malicious software - Google Patents
System and method for classification of unwanted or malicious software
- Publication number
- JP2012511847A
- Authority
- JP
- Japan
- Prior art keywords
- encrypted communication
- list
- approved
- unapproved
- detected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/144—Detection or countermeasures against botnets
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Virology (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
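[Solution] A method, implemented in a computer infrastructure, for identifying malware or unapproved software communications, the method including detecting an encrypted communication and determining identification data of the encrypted communication. The method further includes comparing the detected encrypted communication with at least one of: a list of approved applications for encrypted communication, using the identification data; and a list of approved destinations for encrypted communication, using the identification data. The method further includes identifying the detected encrypted communication as an unapproved encrypted communication in response to determining, based on the comparison, at least one of: that the detected encrypted communication is from an unapproved application that is not on the list of approved applications for encrypted communication; and that the detected encrypted communication is to an unapproved destination that is not on the list of approved destinations.
[Selected drawing] FIG. 1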
Description
an electrical connection having one or more wires
a portable computer diskette
a hard disk
random access memory (RAM)
read-only memory (ROM)
erasable programmable read-only memory (EPROM or flash memory)
an optical fiber
a portable compact disc read-only memory (CDROM)
an optical storage device
a transmission medium such as one supporting the Internet or an intranet, or
a magnetic storage device, or any combination thereof.
Claims (17)
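- A method, implemented in a computer infrastructure, for identifying malware or unapproved software communications, the method comprising:
detecting an encrypted communication;
determining identification data of the encrypted communication;
comparing the detected encrypted communication with at least one of:
a list of approved applications for encrypted communication, using the identification data, and
a list of approved destinations for encrypted communication, using the identification data; and
identifying the detected encrypted communication as an unapproved encrypted communication in response to determining, based on the comparison, at least one of:
that the detected encrypted communication is from an unapproved application not on the list of approved applications for encrypted communication, and
that the detected encrypted communication is to an unapproved destination not on the list of approved destinations.
- The method of claim 1, further comprising blocking the unapproved encrypted communication.
- The method of claim 1 or claim 2, further comprising identifying the detected encrypted communication as an approved encrypted communication if the detected encrypted communication is:
based on the comparison, from an approved application on the list of approved applications for encrypted communication, and
based on the comparison, to an approved destination on the list of approved destinations for encrypted communication.
- The method of claim 3, further comprising permitting the approved encrypted communication.
- The method of any preceding claim, further comprising receiving at least one of the list of approved applications for encrypted communication and the list of approved destinations.
- The method of any preceding claim, further comprising storing at least one of the list of approved applications for encrypted communication and the list of approved destinations in a database.
- The method of any preceding claim, further comprising:
determining that the detected encrypted communication is from an application on a trusted network; and
adding the application to the list of approved applications for encrypted communication.
- The method of any preceding claim, further comprising associating the unapproved encrypted communication with at least one of malware and an unapproved software deployment.
- The method of any preceding claim, wherein at least one of the detecting, the comparing and the identifying is performed in real time.
- The method of any preceding claim, further comprising:
providing to a user the identification of the detected encrypted communication as an unapproved encrypted communication; and
receiving from the user an instruction for one of:
adding the unapproved application from which the detected encrypted communication was sent to the list of approved applications for encrypted communication and permitting the detected encrypted communication, and
blocking the unapproved encrypted communication.
- The method of any preceding claim, wherein the detecting of the encrypted communication comprises:
observing one or more packets on a network; and
identifying the one or more packets on the network as the encrypted communication using one or more mathematical and analytical techniques.
- The method of any preceding claim, wherein the identification data of the encrypted communication comprises at least one of:
a source,
a destination,
a source port number,
a destination port number,
an encryption type, and
a destination host.
- A computer system for identifying malware or unapproved software communications, the system comprising:
first program instructions to detect an encrypted communication;
second program instructions to determine identification data of the encrypted communication;
third program instructions to compare, using the identification data, the encrypted communication with at least one of a list of approved applications for encrypted communication and a list of approved destinations for encrypted communication; and
fourth program instructions to identify the encrypted communication as an unapproved encrypted communication in response to determining at least one of:
that the encrypted communication is, based on the comparison of the encrypted communication with the list of approved applications for encrypted communication, from an unapproved application not on the list of approved applications for encrypted communication, and
that the encrypted communication is, based on the comparison of the encrypted communication with the list of approved destinations for encrypted communication, to an unapproved destination not on the list of approved destinations for encrypted communication.
- The system of claim 13, further comprising fifth program instructions to block the unapproved encrypted communication.
- The system of claim 13 or claim 14, further comprising sixth program instructions to:
identify the encrypted communication as an approved encrypted communication if, based on the comparison of the encrypted communication with the list of approved applications for encrypted communication, the encrypted communication is from an approved application on the list of approved applications for encrypted communication; and
permit the approved encrypted communication.
- The system of any of claims 13 to 15, further comprising seventh program instructions to receive the list of approved applications for encrypted communication and to store the list of approved applications for encrypted communication in a database.
- A computer program adapted to perform all of the steps of any of claims 1 to 12.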
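The classification logic of claims 1 to 4, 7, 11 and 12, expressed as an added Python example (not code from the patent or its applicant). The TLS record-header check, the entropy test and its 7.0 bits-per-byte threshold, the `Flow` record, and all hosts, addresses and process names are assumptions; the claims name no specific detection technique.

```python
import hashlib
import ipaddress
import math
from collections import Counter
from dataclasses import dataclass

# Assumed parameters: the claims do not specify a technique or thresholds.
ENTROPY_THRESHOLD = 7.0   # bits per byte
MIN_SAMPLE = 512          # bytes needed for a meaningful entropy estimate


@dataclass(frozen=True)
class Flow:
    """Identification data from claim 12, plus the observed payload sample."""
    source: str
    source_port: int
    destination: str
    destination_port: int
    destination_host: str
    application: str      # sending process, as reported by a host agent (assumed)
    payload: bytes


def shannon_entropy(data: bytes) -> float:
    """Plug-in Shannon entropy in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def encryption_type(payload: bytes):
    """Return 'tls', 'high-entropy', or None if the sample does not look encrypted."""
    # TLS record header: content type 20-23, then version 0x0301..0x0304.
    if (len(payload) >= 5 and 20 <= payload[0] <= 23
            and payload[1] == 3 and 1 <= payload[2] <= 4):
        return "tls"
    # Ciphertext is close to uniform; compressed data also scores high,
    # so this branch can raise false positives.
    if len(payload) >= MIN_SAMPLE and shannon_entropy(payload) >= ENTROPY_THRESHOLD:
        return "high-entropy"
    return None


def classify(flow, approved_apps, approved_dests):
    """Return (verdict, action, reasons) following claims 1 to 4."""
    if encryption_type(flow.payload) is None:
        return ("not-encrypted", "ignore", [])
    reasons = []
    if flow.application not in approved_apps:
        reasons.append("application not on approved list")
    if flow.destination_host not in approved_dests:
        reasons.append("destination not on approved list")
    if reasons:                          # either miss is enough (claim 1)
        return ("unapproved", "block", reasons)
    return ("approved", "permit", [])    # both lists matched (claim 3)


def learn_trusted(flow, trusted_net, approved_apps):
    """Claim 7: approve an application seen sending encrypted traffic from a trusted network."""
    in_net = ipaddress.ip_address(flow.source) in ipaddress.ip_network(trusted_net)
    if encryption_type(flow.payload) and in_net:
        approved_apps.add(flow.application)
        return True
    return False


# Constructed sample data (not captured traffic).
RANDOM_LIKE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(64))
TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x2E]) + bytes(46)
PLAINTEXT = b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n" * 20

APPROVED_APPS = {"browser.exe", "backup-agent"}
APPROVED_DESTS = {"backup.corp.example", "www.example.org"}

FLOWS = [
    Flow("10.0.0.5", 50122, "192.0.2.10", 443, "www.example.org", "browser.exe", TLS_HELLO),
    Flow("10.0.0.5", 50123, "198.51.100.7", 8443, "unknown.example.net", "browser.exe", TLS_HELLO),
    Flow("10.0.0.9", 40001, "203.0.113.20", 8080, "files.example.net", "updater.tmp", RANDOM_LIKE),
    Flow("10.0.0.9", 40002, "192.0.2.80", 80, "intranet.example", "browser.exe", PLAINTEXT),
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f.application, "->", f.destination_host,
              classify(f, APPROVED_APPS, APPROVED_DESTS))
```

An approved application talking to an unlisted destination is still flagged, because a miss on either list is sufficient under claim 1, while approval under claim 3 requires both lists to match.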
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/333,607 US8549625B2 (en) | 2008-12-12 | 2008-12-12 | Classification of unwanted or malicious software through the identification of encrypted data communication |
US12/333,607 | 2008-12-12 | ||
PCT/EP2009/065817 WO2010066580A1 (en) | 2008-12-12 | 2009-11-25 | System and method for classification of unwanted or malicious software |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2012511847A (ja) | 2012-05-24 |
JP5497060B2 (ja) | 2014-05-21 |
Family
ID=41719318
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2011540003A Expired - Fee Related JP5497060B2 (ja) | 2008-12-12 | 2009-11-25 | System and method for classification of unwanted or malicious software |
Country Status (4)
Country | Link |
---|---|
US (1) | US8549625B2 (ja) |
JP (1) | JP5497060B2 (ja) |
CN (1) | CN102246490B (ja) |
WO (1) | WO2010066580A1 (ja) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10536261B2 (en) | 2014-09-25 | 2020-01-14 | Nec Corporation | Analysis system, analysis method, and storage medium |
US10554383B2 (en) | 2014-09-25 | 2020-02-04 | Nec Corporation | Analysis system, analysis method, and storage medium |
US10931468B2 (en) | 2014-09-25 | 2021-02-23 | Nec Corporation | Analysis system, analysis method, and storage medium |
Families Citing this family (64)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8850569B1 (en) * | 2008-04-15 | 2014-09-30 | Trend Micro, Inc. | Instant messaging malware protection |
US8533844B2 (en) * | 2008-10-21 | 2013-09-10 | Lookout, Inc. | System and method for security data collection and analysis |
US9367680B2 (en) | 2008-10-21 | 2016-06-14 | Lookout, Inc. | System and method for mobile communication device application advisement |
US8984628B2 (en) * | 2008-10-21 | 2015-03-17 | Lookout, Inc. | System and method for adverse mobile application identification |
US8099472B2 (en) | 2008-10-21 | 2012-01-17 | Lookout, Inc. | System and method for a mobile cross-platform software system |
US8051480B2 (en) | 2008-10-21 | 2011-11-01 | Lookout, Inc. | System and method for monitoring and analyzing multiple interfaces and multiple protocols |
US9781148B2 (en) | 2008-10-21 | 2017-10-03 | Lookout, Inc. | Methods and systems for sharing risk responses between collections of mobile communications devices |
US8108933B2 (en) * | 2008-10-21 | 2012-01-31 | Lookout, Inc. | System and method for attack and malware prevention |
US8347386B2 (en) * | 2008-10-21 | 2013-01-01 | Lookout, Inc. | System and method for server-coupled malware prevention |
US9043919B2 (en) | 2008-10-21 | 2015-05-26 | Lookout, Inc. | Crawling multiple markets and correlating |
US8087067B2 (en) | 2008-10-21 | 2011-12-27 | Lookout, Inc. | Secure mobile platform system |
US9235704B2 (en) | 2008-10-21 | 2016-01-12 | Lookout, Inc. | System and method for a scanning API |
US8060936B2 (en) | 2008-10-21 | 2011-11-15 | Lookout, Inc. | Security status and information display system |
US8855601B2 (en) | 2009-02-17 | 2014-10-07 | Lookout, Inc. | System and method for remotely-initiated audio communication |
US8467768B2 (en) | 2009-02-17 | 2013-06-18 | Lookout, Inc. | System and method for remotely securing or recovering a mobile device |
US8538815B2 (en) * | 2009-02-17 | 2013-09-17 | Lookout, Inc. | System and method for mobile device replacement |
US9042876B2 (en) | 2009-02-17 | 2015-05-26 | Lookout, Inc. | System and method for uploading location information based on device movement |
US9955352B2 (en) | 2009-02-17 | 2018-04-24 | Lookout, Inc. | Methods and systems for addressing mobile communications devices that are lost or stolen but not yet reported as such |
US8397301B2 (en) * | 2009-11-18 | 2013-03-12 | Lookout, Inc. | System and method for identifying and assessing vulnerabilities on a mobile communication device |
US9665864B2 (en) * | 2010-05-21 | 2017-05-30 | Intel Corporation | Method and device for conducting trusted remote payment transactions |
US8738765B2 (en) | 2011-06-14 | 2014-05-27 | Lookout, Inc. | Mobile device DNS optimization |
US9521154B2 (en) | 2011-08-03 | 2016-12-13 | Hewlett Packard Enterprise Development Lp | Detecting suspicious network activity using flow sampling |
US8788881B2 (en) | 2011-08-17 | 2014-07-22 | Lookout, Inc. | System and method for mobile device push communications |
US9324034B2 (en) | 2012-05-14 | 2016-04-26 | Qualcomm Incorporated | On-device real-time behavior analyzer |
US9202047B2 (en) | 2012-05-14 | 2015-12-01 | Qualcomm Incorporated | System, apparatus, and method for adaptive observation of mobile device behavior |
US9298494B2 (en) | 2012-05-14 | 2016-03-29 | Qualcomm Incorporated | Collaborative learning for efficient behavioral analysis in networked mobile device |
US9690635B2 (en) | 2012-05-14 | 2017-06-27 | Qualcomm Incorporated | Communicating behavior information in a mobile computing device |
US9609456B2 (en) | 2012-05-14 | 2017-03-28 | Qualcomm Incorporated | Methods, devices, and systems for communicating behavioral analysis information |
US9407443B2 (en) | 2012-06-05 | 2016-08-02 | Lookout, Inc. | Component analysis of software applications on computing devices |
US9589129B2 (en) | 2012-06-05 | 2017-03-07 | Lookout, Inc. | Determining source of side-loaded software |
US9747440B2 (en) | 2012-08-15 | 2017-08-29 | Qualcomm Incorporated | On-line behavioral analysis engine in mobile device with multiple analyzer model providers |
US9495537B2 (en) | 2012-08-15 | 2016-11-15 | Qualcomm Incorporated | Adaptive observation of behavioral features on a mobile device |
US9330257B2 (en) | 2012-08-15 | 2016-05-03 | Qualcomm Incorporated | Adaptive observation of behavioral features on a mobile device |
US9319897B2 (en) | 2012-08-15 | 2016-04-19 | Qualcomm Incorporated | Secure behavior analysis over trusted execution environment |
US9210128B2 (en) * | 2012-10-25 | 2015-12-08 | Check Point Software Technologies Ltd. | Filtering of applications for access to an enterprise network |
US8655307B1 (en) | 2012-10-26 | 2014-02-18 | Lookout, Inc. | System and method for developing, updating, and using user device behavioral context models to modify user, device, and application state, settings and behavior for enhanced user security |
US9208215B2 (en) | 2012-12-27 | 2015-12-08 | Lookout, Inc. | User classification based on data gathered from a computing device |
US9374369B2 (en) | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
US8855599B2 (en) | 2012-12-31 | 2014-10-07 | Lookout, Inc. | Method and apparatus for auxiliary communications with mobile communications device |
US10089582B2 (en) | 2013-01-02 | 2018-10-02 | Qualcomm Incorporated | Using normalized confidence values for classifying mobile device behaviors |
US9686023B2 (en) | 2013-01-02 | 2017-06-20 | Qualcomm Incorporated | Methods and systems of dynamically generating and using device-specific and device-state-specific classifier models for the efficient classification of mobile device behaviors |
US9684870B2 (en) | 2013-01-02 | 2017-06-20 | Qualcomm Incorporated | Methods and systems of using boosted decision stumps and joint feature selection and culling algorithms for the efficient classification of mobile device behaviors |
US9424409B2 (en) | 2013-01-10 | 2016-08-23 | Lookout, Inc. | Method and system for protecting privacy and enhancing security on an electronic device |
US9742559B2 (en) | 2013-01-22 | 2017-08-22 | Qualcomm Incorporated | Inter-module authentication for securing application execution integrity within a computing device |
US9491187B2 (en) | 2013-02-15 | 2016-11-08 | Qualcomm Incorporated | APIs for obtaining device-specific behavior classifier models from the cloud |
US9501645B2 (en) * | 2013-03-15 | 2016-11-22 | Rudolf H. Hendel | System and method for the protection of computers and computer networks against cyber threats |
US9225736B1 (en) | 2013-06-27 | 2015-12-29 | Symantec Corporation | Techniques for detecting anomalous network traffic |
US9875355B1 (en) * | 2013-09-17 | 2018-01-23 | Amazon Technologies, Inc. | DNS query analysis for detection of malicious software |
US9642008B2 (en) | 2013-10-25 | 2017-05-02 | Lookout, Inc. | System and method for creating and assigning a policy for a mobile communications device based on personal data |
US9973534B2 (en) | 2013-11-04 | 2018-05-15 | Lookout, Inc. | Methods and systems for secure network connections |
US9753796B2 (en) | 2013-12-06 | 2017-09-05 | Lookout, Inc. | Distributed monitoring, evaluation, and response for multiple devices |
US10122747B2 (en) | 2013-12-06 | 2018-11-06 | Lookout, Inc. | Response generation after distributed monitoring and evaluation of multiple devices |
GB201501852D0 (en) * | 2015-02-04 | 2015-03-18 | Bishop Jonathan E | Monitoring on-line activity |
EP3289510B1 (en) | 2015-05-01 | 2020-06-17 | Lookout Inc. | Determining source of side-loaded software |
IL240909A (en) * | 2015-08-27 | 2017-04-30 | Syber 2 0 (2015) Ltd | Mixing communication inlets for computer networks |
JP2019507412A (ja) * | 2015-12-31 | 2019-03-14 | Cyber 2.0 (2015) Ltd. | Monitoring traffic in a computer network |
WO2017210198A1 (en) | 2016-05-31 | 2017-12-07 | Lookout, Inc. | Methods and systems for detecting and preventing network connection compromise |
US10931652B2 (en) * | 2017-01-24 | 2021-02-23 | Microsoft Technology Licensing, Llc | Data sealing with a sealing enclave |
US10911451B2 (en) | 2017-01-24 | 2021-02-02 | Microsoft Technology Licensing, Llc | Cross-platform enclave data sealing |
WO2018178028A1 (en) | 2017-03-28 | 2018-10-04 | British Telecommunications Public Limited Company | Initialisation vector identification for encrypted malware traffic detection |
US10218697B2 (en) | 2017-06-09 | 2019-02-26 | Lookout, Inc. | Use of device risk evaluation to manage access to services |
EP3623982B1 (en) | 2018-09-12 | 2021-05-19 | British Telecommunications public limited company | Ransomware remediation |
EP3623980B1 (en) | 2018-09-12 | 2021-04-28 | British Telecommunications public limited company | Ransomware encryption algorithm determination |
US12008102B2 (en) | 2018-09-12 | 2024-06-11 | British Telecommunications Public Limited Company | Encryption key seed determination |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004533677A (ja) * | 2001-03-12 | 2004-11-04 | Vidius Inc. | System and method for monitoring unauthorized transport of digital content |
US20050166066A1 (en) * | 2004-01-22 | 2005-07-28 | Ratinder Paul Singh Ahuja | Cryptographic policy enforcement |
JP2005268873A (ja) * | 2004-03-16 | 2005-09-29 | Tokyo Denki Univ | Method and apparatus for preventing unauthorized transmission of confidential information |
EP1615373A1 (en) * | 2003-12-08 | 2006-01-11 | Huawei Technologies Co., Ltd. | An access gateway of wlan and a method for ensuring network security using the access gateway of wlan |
US20060248575A1 (en) * | 2005-05-02 | 2006-11-02 | Zachary Levow | Divided encryption connections to provide network traffic security |
JP2006338486A (ja) * | 2005-06-03 | 2006-12-14 | Nippon Telegr & Teleph Corp <Ntt> | URL verification method, apparatus, and program |
WO2007016478A2 (en) * | 2005-07-29 | 2007-02-08 | Bit9, Inc. | Network security systems and methods |
US20070106754A1 (en) * | 2005-09-10 | 2007-05-10 | Moore James F | Security facility for maintaining health care data pools |
JP2007208887A (ja) * | 2006-02-06 | 2007-08-16 | Konami Digital Entertainment:Kk | Communication device, communication method, and program |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040034794A1 (en) * | 2000-05-28 | 2004-02-19 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US20030159070A1 (en) | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US8478824B2 (en) * | 2002-02-05 | 2013-07-02 | Portauthority Technologies Inc. | Apparatus and method for controlling unauthorized dissemination of electronic mail |
US7308715B2 (en) * | 2001-06-13 | 2007-12-11 | Mcafee, Inc. | Protocol-parsing state machine and method of using same |
US7467202B2 (en) * | 2003-09-10 | 2008-12-16 | Fidelis Security Systems | High-performance network content analysis platform |
US20050240991A1 (en) | 2004-04-27 | 2005-10-27 | Dombkowski Kevin E | Secure data communication system |
US7703138B2 (en) * | 2004-12-29 | 2010-04-20 | Intel Corporation | Use of application signature to identify trusted traffic |
US20060156400A1 (en) * | 2005-01-06 | 2006-07-13 | Gbs Laboratories Llc | System and method for preventing unauthorized access to computer devices |
US7447768B2 (en) * | 2005-01-19 | 2008-11-04 | Facetime Communications, Inc. | Categorizing, classifying, and identifying network flows using network and host components |
US20070055731A1 (en) | 2005-09-07 | 2007-03-08 | Jason Thibeault | System and method for secure communications utilizing really simple syndication protocol |
WO2007038517A1 (en) | 2005-09-26 | 2007-04-05 | Wiresoft, Inc. | Methods, software and apparatus for detecting and neutralizing viruses from computer systems and networks |
US20070083930A1 (en) | 2005-10-11 | 2007-04-12 | Jim Dumont | Method, telecommunications node, and computer data signal message for optimizing virus scanning |
US8056115B2 (en) * | 2006-12-11 | 2011-11-08 | International Business Machines Corporation | System, method and program product for identifying network-attack profiles and blocking network intrusions |
US20080282080A1 (en) * | 2007-05-11 | 2008-11-13 | Nortel Networks Limited | Method and apparatus for adapting a communication network according to information provided by a trusted client |
KR100949808B1 (ko) * | 2007-12-07 | 2010-03-30 | 한국전자통신연구원 | P2p 트래픽 관리 장치 및 그 방법 |
- 2008
  - 2008-12-12: US US12/333,607, US8549625B2 (en), not active, Expired - Fee Related
- 2009
  - 2009-11-25: JP JP2011540003A, JP5497060B2 (ja), not active, Expired - Fee Related
  - 2009-11-25: CN CN200980149225.0A, CN102246490B (zh), not active, Expired - Fee Related
  - 2009-11-25: WO PCT/EP2009/065817, WO2010066580A1 (en), active, Application Filing
Also Published As
Publication number | Publication date |
---|---|
CN102246490A (zh) | 2011-11-16 |
US20100154032A1 (en) | 2010-06-17 |
CN102246490B (zh) | 2015-06-24 |
JP5497060B2 (ja) | 2014-05-21 |
WO2010066580A1 (en) | 2010-06-17 |
US8549625B2 (en) | 2013-10-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5497060B2 (ja) | System and method for classification of unwanted or malicious software | |
US9661017B2 (en) | System and method for malware and network reputation correlation | |
JP6086968B2 (ja) | System and method for local protection against malicious software | |
US10068091B1 (en) | System and method for malware containment | |
Mell et al. | Guide to malware incident prevention and handling | |
JP4490994B2 (ja) | Packet classification in network security devices | |
US7917955B1 (en) | System, method and computer program product for context-driven behavioral heuristics | |
US8539582B1 (en) | Malware containment and security analysis on connection | |
US8316446B1 (en) | Methods and apparatus for blocking unwanted software downloads | |
US8677493B2 (en) | Dynamic cleaning for malware using cloud technology | |
US20100154061A1 (en) | System and method for identifying malicious activities through non-logged-in host usage | |
US20210194915A1 (en) | Identification of potential network vulnerability and security responses in light of real-time network risk assessment | |
US9069964B2 (en) | Identification of malicious activities through non-logged-in host usage | |
Tang et al. | Concept, characteristics and defending mechanism of worms | |
Khatri et al. | Mobile guard demo: network based malware detection | |
Lacerda et al. | A systematic mapping on security threats in mobile devices | |
Caliaberah et al. | An Adaptive Security Architecture for Detecting Ransomware Attack Using Open Source Software | |
Gill | Malware: Types, Analysis and Classifications | |
Honnavalli B et al. | Comparative Analysis of Botnet and Ransomware for Early Detection | |
Kumar et al. | A Network Based Approach to Malware Detection in Large IT Infrastructures | |
Kassim et al. | Exploitation of Android Mobile Malware in Phishing Modus Operandi: A Malaysia Case Study | |
Arastouie et al. | Detecting Botnets in View of an Efficient Method. | |
Dwivedi et al. | INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY RECENT TRENDS IN BOTNET RESEARCH | |
Tanni et al. | A Technical Analysis of RedAlert Ransomware-Targeting Virtual Machine Files |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | A621 | Written request for application examination | Free format text: JAPANESE INTERMEDIATE CODE: A621; Effective date: 20120612 |
 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131; Effective date: 20130730 |
 | A521 | Written amendment | Free format text: JAPANESE INTERMEDIATE CODE: A821; Effective date: 20130909; Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20130909 |
 | RD12 | Notification of acceptance of power of sub attorney | Free format text: JAPANESE INTERMEDIATE CODE: A7432; Effective date: 20130909 |
 | A521 | Written amendment | Free format text: JAPANESE INTERMEDIATE CODE: A821; Effective date: 20130911 |
 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131; Effective date: 20140115 |
 | A521 | Written amendment | Free format text: JAPANESE INTERMEDIATE CODE: A821; Effective date: 20140115; Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20140115 |
 | TRDD | Decision of grant or rejection written | |
 | A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01; Effective date: 20140218 |
 | A521 | Written amendment | Free format text: JAPANESE INTERMEDIATE CODE: A821; Effective date: 20140218 |
 | RD14 | Notification of resignation of power of sub attorney | Free format text: JAPANESE INTERMEDIATE CODE: A7434; Effective date: 20140218 |
 | A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61; Effective date: 20140305 |
 | R150 | Certificate of patent or registration of utility model | Ref document number: 5497060; Country of ref document: JP; Free format text: JAPANESE INTERMEDIATE CODE: R150 |
 | LAPS | Cancellation because of no payment of annual fees | |