US20180129393A1 - Dynamic clip analysis - Google Patents
- Publication number
- US20180129393A1 (application US15/650,710)
- Authority
- US
- United States
- Prior art keywords
- client
- remote
- remote application
- content
- clipboard
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0484—Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
- G06F3/0486—Drag-and-drop
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/543—User-generated data transfer, e.g. clipboards, dynamic data exchange [DDE], object linking and embedding [OLE]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
Definitions
- FIG. 1 is a conceptual block diagram showing an exemplary embodiment of a dynamic clip analysis system for use in a networked server-client system.
- FIG. 2 is a flowchart of a method for dynamic clip analysis in a networked server-client system.
- the clipboard is a software utility that can be used for short-term data storage and/or data transfer between documents or applications, via copy and paste operations.
- drag and drop is a software utility that can be performed on objects to transfer data between documents or applications. These two utilities are most commonly part of a graphical user interface (GUI) environment.
- GUI graphical user interface
- An operating system may comprise one clipboard.
- An operating system may comprise multiple clipboards.
- An operating system may comprise one drag and drop utility.
- An operating system may comprise multiple drag and drop utilities.
- a typical application accesses clipboard functionality by mapping to these interfaces client input such as one or more of key bindings, menu selections, and the like.
- a typical application may access drag and drop by touch-dragging movements.
- a typical application may access drag and drop via a series of sequential interactions by one or more of a mouse, a glide pad, and an analogous device. For example, one typical series of sequential interactions that may access drag and drop is a click, a hold, a drag, and a release.
- the data contained within a clipboard or within a drag and drop can take many forms, with varying degrees of risk of malicious software, also known as malware. If unchecked, these facilities can be used to transmit malware through the browser link.
- user interfaces for a clipboard and for drag and drop are not necessarily designed to provide the optimum controls, feedback, and performance when one or more of these two utilities is used over network links.
- Clipboards are traditionally comprised in a single computer and share memory space, so copy and paste functions are substantially instantaneous. Remote clipboards may suffer from time delays due to network latency, which may create confusion for clients expecting instant access to clipboard data.
- Many existing virtual desktop infrastructures (VDIs) and remote application systems permit the use of a clipboard over a network. Typically such systems do not provide a client with feedback about the time that may be required for transmission of large amounts of data.
- VDI's virtual desktop infrastructures
- GB gigabytes
- a balloon may pop up to provide the client with an indication of the status of the data transfer and the estimated time to complete the transfer.
- the remote operating system may analyze which data type is in the clipboard and may process the data. According to other embodiments of the invention, the remote operating system may securely apply the action that is most appropriate for that data. According to embodiments of the invention, the remote operating system may access a table comprising one or more of data types and mechanisms for processing the data. According to embodiments of the invention, the mechanisms for processing the data may comprise scrubbing the data to cleanse any malicious content. According to embodiments of the invention, data that is not cleanly processed or that is forbidden by the policy set by the client may not be allowed permission to be copied to the clipboard or to be pasted over the network. According to yet other embodiments of the invention, the analyzed and processed data may be transmitted to the client.
- Examples of supported clipboard data types may include, but are not limited to one or more of text content, image content, video content, word processing content, presentation content, spreadsheet content, zip content, text Hypertext Markup Language (HTML) content, Portable Document Format (PDF) content, and other content of interest.
- HTML Hypertext Markup Language
- PDF Portable Document Format
- image content comprises one or more of Joint Photographic Experts Group (JPEG) content, graphic interchange format (GIF) content, Portable Network Graphics (PNG) content, and other image content.
- JPEG Joint Photographic Experts Group
- GIF graphic interchange format
- PNG Portable Network Graphics
- video content comprises one or more of Flash Video File (FLV) content, Motion Picture Experts Group (MPG) video content, Motion Picture Experts Group 4 (MP4) video content, Windows Media Video (WMV) content, and other video content.
- FLV Flash Video File
- MPG Motion Picture Experts Group
- MP4 Motion Picture Experts Group 4
- WMV Windows Media Video
- word processing content comprises one or more of Microsoft Word content, WordPerfect content, Apple Pages content, Google Docs content, Ted content, and other word processing content.
- presentation content comprises one or more of Microsoft PowerPoint content, Corel Presentations content, Apple Keynote content, Lotus Freelance Graphics content, and other presentation content.
- spreadsheet content comprises one or more of Microsoft Excel content, Quattro Pro content, Apple Numbers content, Lotus 1-2-3 content, and other spreadsheet content.
- any potential binary data may be stripped out.
- If, after analyzing and processing the received data, the remote operating system identifies the received data as valid content, the remote operating system re-encodes the received data while excluding potentially malicious data.
- the processing comprises excluding potentially malicious data, for example, a potentially corrupted image.
- If the remote operating system determines that the data does not match a supported data type, the remote operating system denies permission to the non-supported data. If the remote operating system determines that the data is not consistent with one or more of remote administrator specifications that may be provided by the client and remote administrator instructions that may be provided by the client, the remote operating system denies permission to the non-supported data.
- the scrubbed data may be sent to the client.
- feedback and control systems may perform one or more of showing the progress of the network transfer, allowing the client to cancel the process, showing an estimated transfer time, and the like.
- duplicate transfer operations may be detected and stopped so as to conserve bandwidth.
- FIG. 1 is a conceptual block diagram showing an exemplary embodiment 100 of a dynamic clip analysis system for use in a networked server-client system. Depicted is a server-client system 100 where the client 110 is a client device 110 .
- the client device 110 may be one or more of a personal computer, a laptop computer, a mobile computing device, a tablet, and the like.
- the client 110 may comprise a client operating system 112 .
- the client operating system 112 may comprise one or more of a client-side clipboard 115 and a client-side drag and drop utility 120 .
- the client operating system 112 may also comprise data in various formats.
- the client operating system 112 may comprise one or more of client-side links 125 , client-side text data 130 , client-side binary data 135 , client-side objects 140 , a client-side remote application module 150 , and another data format 155 .
- the other data format 155 may comprise one or more of an HTML object, an Object Linking and Embedding (OLE) object, hexadecimal data, and another data format.
- the client 110 may also comprise a client-side remote application module 150 .
- One or more of the client-side links 125 , the client-side text data 130 , the client-side binary data 135 , and the client-side objects 140 may transfer data to the client-side clipboard 115 via a client-side copy action 165 , and a client-side remote application module 150 .
- One or more of the client-side links 125 , the client-side text data 130 , the client-side binary data 135 , and the client-side objects 140 may transfer data to the client-side drag and drop utility 120 via a client-side drag and drop action 166 .
- the client operating system 112 may additionally comprise client-side storage 167 .
- the client-side storage 167 comprises one or more of client-side administrator specifications 168 and client-side administrator functions 169 .
- the client-side storage 167 is operably connected with the client-side remote application module 150 .
- the client-side administrator specifications 168 may comprise a configurable list of one or more types of client-side data content.
- the client-side administrator functions 169 may comprise an appropriate action to take on one or more types of client-side data content.
- one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the client-side data.
- One or more of the client-side administrator specifications and the client-side administrator functions may comprise client Intrusion Detector & Preventer (IDP) rules.
- IDP Intrusion Detector & Preventer
- the client 110 may use one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to specify desired limitations on content that is to be allowed permission by the system 100 .
- the client 110 may specify via client-side administrator specifications 168 that all JPEG content is to be blocked.
- the client 110 may specify via client-side administrator functions 169 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted.
- the client 110 may specify via client-side administrator specifications 168 that all PDF content comprising more than 100 kilobytes is to be permitted.
- the client-side administrator specifications 168 may direct different processing for different client-side content type(s). For example, the client-side administrator specifications 168 may direct that the client-side image content be scrubbed in order to cleanse it. For example, the client-side administrator specifications 168 may direct that the remote sound content be normalized and re-encoded into a Motion Picture Experts Group Audio Layer III (MP3) format in order to cleanse it.
- MP3 Motion Picture Experts Group Audio Layer III
- the client-side administrator functions 168 may direct that in the event the client-side image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the client-side image content.
- the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the client-side sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it.
- WAV Waveform Audio File
- the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the client-side audio content.
- the system 100 also comprises a remote application 170 .
- the remote application 170 may be interactively connected to the client 110 over a network 175 via the client-side remote application module 150 .
- the client-side clipboard 115 and the client-side drag and drop utility 120 are used on a local device only. Embodiments of the invention provide these functions with advances in security relative to a network 175 , which may be slow.
- the remote application 170 may comprise a remote operating system 180 .
- the remote operating system 180 may comprise one or more of a remote clipboard 181 and a remote drag and drop utility 182 provided by its operating system.
- the remote operating system 180 may also comprise one or more of remote links 185 , remote text data 184 , remote binary data 185 , and remote objects 186 .
- the remote application 170 may also comprise a remote application processing block 187 .
- the remote application processing block 187 can, as depicted in FIG. 1 , be separate from the remote operating system 180 .
- the remote application processing block 187 can alternatively be comprised in the remote operating system 180 .
- One or more of the remote links 185 , the remote text data 184 , the remote binary data 185 , and the remote objects 186 may transfer data to the remote clipboard 181 via a remote clipboard action 188 .
- One or more of the remote links 185 , the remote text data 184 , the remote binary data 185 , and the remote objects 186 may transfer data to the remote drag and drop utility 184 via a remote drag and drop action 189 .
- the remote application 170 may additionally comprise remote storage 190 .
- the remote storage 190 can, as depicted in FIG. 1, be separate from the remote operating system 180. If the remote storage 190 is separate from the remote operating system 180, the remote storage 190 can, as depicted in FIG. 1, be comprised in the remote application 170. Alternatively, the remote storage 190 can be comprised in a separate server (not shown), connected by another network connection (not shown) to the remote application 106. The remote storage 190 can alternatively be comprised in the remote operating system 180. Regardless of where it is located, the remote storage 190 is operably connected with the remote application processing block 187.
- the remote storage 190 comprises one or more of remote administrator specifications 191 and remote administrator instructions 192 .
- the remote administrator specifications 191 may comprise a configurable list of one or more types of remote data content.
- the remote administrator instructions 192 may comprise an appropriate action to take on one or more types of remote data content.
- one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the remote data.
- the remote application 170 may use one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to specify desired limitations on content that is to be allowed permission by the system 100 .
- the client 110 may specify via remote administrator specifications 191 that all JPEG content is to be blocked.
- the client 110 may specify via remote administrator instructions 192 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted.
- the client 110 may specify via remote administrator specifications 191 that all PDF content comprising more than 100 kilobytes is to be permitted.
- the remote administrator specifications 191 may direct different processing for different remote content type(s). For example, the remote administrator specifications 191 may direct that the remote image content be scrubbed in order to cleanse it. For example, the remote administrator specifications 191 may direct that the remote sound content be normalized and re-encoded into an MP3 format in order to cleanse it.
- the remote administrator instructions 192 may direct that in the event the remote image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the remote image content.
- the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the remote sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it.
- the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the remote audio content.
- the flow of data may occur from the client 110 to the remote application 170 . Alternatively, or additionally, the flow of data may occur from the remote application 170 to the client 110 .
- the client-side remote application module 150 initiates a client-side clipboard transfer action 193 A.
- the client-side clipboard transfer action 193 A transfers data from the client-side clipboard 115 to the client-side remote application module 150 .
- the client-side remote application module 150 initiates the client-side drag and drop transfer action 193 B.
- the client-side drag and drop transfer action 193 B transfers data from the client-side drag and drop utility 120 to the client-side remote application module 150 .
- un-cleansed client data may be transmitted via a client-to-remote application transfer action 194 from the client-side remote application module 150 via the network 175 to the remote application processing block 187 .
- In response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote clipboard transfer action 195 A.
- the corresponding remote clipboard transfer action 195 A transfers data corresponding to the client-side clipboard transfer action 193 A from the remote clipboard 181 to the remote application processing block 187 .
- In response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote drag and drop transfer action 195 B.
- the corresponding remote drag and drop transfer action 195 B transfers data corresponding to the client-side drag and drop transfer action 193 B from the remote drag and drop utility 182 to the remote application processing block 187 .
- the remote application processing block 187 analyzes the remote data received in the client-to-remote application transfer action 194 .
- the remote application processing block 187 also analyzes the remote data received from the remote clipboard 181 in the remote clipboard transfer action 195 A.
- the remote application processing block 187 analyzes the remote data received in the remote drag and drop transfer action 195 B.
- the remote application processing block 187 determines whether the received client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest.
- client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
- After analyzing the remote data received in one or more of the remote clipboard transfer action 195 A and the remote drag and drop transfer action 195 B, the remote application processing block 187 processes the remote data.
- the remote application processing block 187 accesses one or more of remote administrator specifications 191 and remote administrator instructions 192 , which the remote application processing block 187 applies to determine the most appropriate methods for processing the remote data.
- one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to processing the remote data.
- the processing of the remote data by the remote application processing block 187 may comprise scrubbing the remote data of potentially malicious content, for example, malware.
- the processing of the remote data by the remote application processing block 187 may comprise blocking the remote data based on one or more of remote administrator specifications 191 and remote administrator instructions 192 .
- remote administrator specifications 191 may specify that all JPEG content is to be blocked.
- the processing of the remote data may comprise applying security mechanisms configured to scrub the remote content of potentially malicious content, for example, malware.
- the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of the remote administrator specifications 191 and the remote administrator instructions 192 .
- the remote application processing block 187 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197 .
- the remote application processing block 187 also can perform feedback and control functions.
- the feedback and control functions performed by the remote application processing block 187 may be directed in part or in whole by one or more of the remote administrator specifications 191 and the remote administrator instructions 192 .
- the feedback and control functions performed by the remote application processing block 187 may comprise one or more of showing the progress of a client to remote application transfer action 194 , showing the progress of a remote application to client transfer action 197 , allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194 , showing an estimated transfer time of a remote application to client transfer action 197 , and de-duplication measures to prevent duplicate transmissions.
- After determining the remote data received in one or more of the remote clipboard transfer action 195 A and the remote drag and drop transfer action 195 B, the remote application processing block 187 optionally consults one or more of remote administrator specifications 191 and remote administrator instructions 192 to obtain input on how to process the remote data.
- the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of remote administrator specifications 191 and remote administrator instructions 192 .
- the remote application processing block 187 then transmits the processed, re-encoded data via a remote application-to-client transfer action 197 from the remote application processing block 187 via the network 175 to the client-side remote application module 150 .
- the client-side remote application module 150 also can perform feedback and control functions.
- the feedback and control functions performed by the client-side remote application module 150 may be directed in part or in whole by one or more of the client-side administrator specifications 168 and the remote administrator functions 169 .
- the feedback and control functions performed by the client-side remote application module 150 may comprise one or more of showing the progress of a client to remote application transfer action 194 , showing the progress of a remote application to client transfer action 197 , allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194 , showing an estimated transfer time of a remote application to client transfer action 197 , and de-duplication measures to prevent duplicate transmissions.
- After analyzing the remote data received in one or more of the remote clipboard transfer action 195 A and the remote drag and drop transfer action 195 B, the remote application processing block 187 optionally consults one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to obtain input on how to process the received remote data.
- the client-side remote application module 150 analyzes the remote-side data received in the remote application-to-client transfer action 197 .
- the client-side remote application module 150 also analyzes the client-side data from the client-side clipboard 115 in the client-side clipboard transfer action 193 A.
- the client-side remote application module 150 analyzes the type(s) of data in the client-side drag and drop transfer action 193 B.
- the client-side remote application module 150 determines whether the client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest.
- client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
- After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193 A and the client-side drag and drop transfer action 193 B, the client-side remote application module 150 processes the client-side data.
- the client-side remote application module 150 accesses one or more of client-side administrator specifications 168 and client-side administrator functions 169 , which the client-side remote application module 150 applies to determine the most appropriate methods for processing the client-side data.
- one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to processing the client-side data.
- the processing of the client-side data by the client-side remote application module 150 may comprise scrubbing the client-side data of potentially malicious content, for example, malware.
- the processing of the client-side data by the client-side remote application module 150 may comprise blocking the client-side data based on one or more of client-side administrator specifications 168 and client-side administrator functions 169 .
- client-side administrator specifications 168 may specify that all JPEG content is to be blocked.
- the processing of the client-side data may comprise applying security mechanisms configured to scrub the client-side content of potentially malicious content, for example, malware.
- the client-side remote application module 150 re-encodes the client-side data, which is now free of potentially malicious data and is also compliant with one or more of client-side administrator specifications 168 and client-side administrator functions 169 .
- the client-side remote application module 150 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197 .
- After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193 A and the client-side drag and drop transfer action 193 B, the client-side remote application module 150 optionally consults one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to obtain input on how to process the client-side content type(s).
- FIG. 2 is a flowchart of a method 200 for dynamic clip analysis in a networked server-client system.
- the order of the steps in the method 200 is not constrained to that shown in FIG. 2 nor is it constrained to that described in the following discussion. Several of the steps could occur in a different order without affecting the final result.
- In block 210, the remote application receives from the client a client-side content analysis, performed at the client, of one or more of a client-side clipboard and a client-side drag and drop utility. Block 210 then transfers control to block 220.
- In block 220, the remote application applies the received client-side content analysis. Block 220 then transfers control to block 230.
- In block 230, the remote application receives remote content from one or more of a remote clipboard and a remote drag and drop utility. Block 230 then transfers control to block 240.
- In block 240, the remote application analyzes the remote content. Block 240 then transfers control to block 250.
- In block 250, the remote application processes the remote content. Block 250 then transfers control to block 260.
- In block 260, the remote application re-encodes the remote content. Block 260 then terminates the process.
Abstract
Description
- The present application claims the priority benefit of U.S. provisional patent application No. 61/775,854 filed Mar. 11, 2013 and entitled “Dynamic Clip Analysis,” the disclosure of which is incorporated herein by reference.
- This application contains subject matter that is related to the subject matter of the following applications, which are assigned to the same assignee as this application. The below-listed U.S. patent applications are hereby incorporated herein by reference in their entirety:
-
- “TUNABLE INTRUSION PREVENTION WITH FORENSIC ANALYSIS,” by Spikes and Sims, co-filed herewith.
- “APPLICATION MALWARE ISOLATION VIA HARDWARE SEPARATION,” by Spikes, to be filed on Mar. 12, 2014, to claim the priority benefit of U.S. provisional patent application No. 61/777,545 filed Mar. 12, 2013 and entitled “Application Malware Isolation Via Hardware Separation.”
- FIG. 1 is a conceptual block diagram showing an exemplary embodiment of a dynamic clip analysis system for use in a networked server-client system.
- FIG. 2 is a flowchart of a method for dynamic clip analysis in a networked server-client system.
- The clipboard is a software utility that can be used for short-term data storage and/or data transfer between documents or applications, via copy and paste operations. Similarly, drag and drop is a software utility that can be performed on objects to transfer data between documents or applications. These two utilities are most commonly part of a graphical user interface (GUI) environment. The clipboard and drag and drop can typically be accessed via defined programming interfaces from most or all programs within the environment.
- An operating system may comprise one clipboard. An operating system may comprise multiple clipboards. An operating system may comprise one drag and drop utility. An operating system may comprise multiple drag and drop utilities. A typical application accesses clipboard functionality by mapping to these interfaces client input such as one or more of key bindings, menu selections, and the like. A typical application may access drag and drop by touch-dragging movements. Alternatively, or additionally, a typical application may access drag and drop via a series of sequential interactions by one or more of a mouse, a glide pad, and an analogous device. For example, one typical series of sequential interactions that may access drag and drop is a click, a hold, a drag, and a release. The data contained within a clipboard or within a drag and drop can take many forms, with varying degrees of risk of malicious software, also known as malware. If unchecked, these facilities can be used to transmit malware through the browser link. In addition, user interfaces for a clipboard and for drag and drop are not necessarily designed to provide the optimum controls, feedback, and performance when one or more of these two utilities is used over network links.
- Clipboards are traditionally comprised in a single computer and share memory space, so copy and paste functions are substantially instantaneous. Remote clipboards may suffer from time delays due to network latency, which may create confusion for clients expecting instant access to clipboard data. Many existing virtual desktop infrastructures (VDIs) and remote application systems permit the use of a clipboard over a network. Typically such systems do not provide a client with feedback about the time that may be required for transmission of large amounts of data. According to embodiments of the invention, if a client tries to cut and paste 2 gigabytes (GB) of data over a network, the client will be informed regarding the expected transfer time. According to embodiments of the invention, a balloon may pop up to provide the client with an indication of the status of the data transfer and the estimated time to complete the transfer.
- According to embodiments of the invention, if a client is pasting from the clipboard or is dragging and dropping an object, the remote operating system may analyze which data type is in the clipboard and may process the data. According to other embodiments of the invention, the remote operating system may securely apply the action that is most appropriate for that data. According to embodiments of the invention, the remote operating system may access a table comprising one or more of data types and mechanisms for processing the data. According to embodiments of the invention, the mechanisms for processing the data may comprise scrubbing the data to cleanse any malicious content. According to embodiments of the invention, data that is not cleanly processed or that is forbidden by the policy set by the client may not be allowed permission to be copied to the clipboard or to be pasted over the network. According to yet other embodiments of the invention, the analyzed and processed data may be transmitted to the client.
- Examples of supported clipboard data types may include, but are not limited to one or more of text content, image content, video content, word processing content, presentation content, spreadsheet content, zip content, text Hypertext Markup Language (HTML) content, Portable Document Format (PDF) content, and other content of interest.
- For example, image content comprises one or more of Joint Photographic Experts Group (JPEG) content, graphic interchange format (GIF) content, Portable Network Graphics (PNG) content, and other image content.
- For example, video content comprises one or more of Flash Video File (FLV) content, Motion Picture Experts Group (MPG) video content, Motion Picture Experts Group 4 (MP4) video content, Windows Media Video (WMV) content, and other video content.
- For example, word processing content comprises one or more of Microsoft Word content, WordPerfect content, Apple Pages content, Google Docs content, Ted content, and other word processing content.
- For example, presentation content comprises one or more of Microsoft Power Point content, Corel Presentations content, Apple Keynote content, Lotus Freelance Graphics content, and other presentation content.
- For example, spreadsheet content comprises one or more of Microsoft Excel content, Quattro Pro content, Apple Numbers content, Lotus 1-2-3 content, and other spreadsheet content. According to embodiments of the invention, if the remote operating system identifies the data as text data, any potential binary data may be stripped out.
- According to other embodiments of the invention, if after analyzing and processing the received data, the remote operating system identifies the received data as valid content, the remote operating system re-encodes the received data while excluding potentially malicious data. According to still other embodiments of the invention, the processing comprises excluding potentially malicious data, for example, a potentially corrupted image.
- If the remote operating system determines that the data does not match a supported data type, the remote operating system denies permission to the non-supported data. If the remote operating system determines that the data is not consistent with one or more of remote administrator specifications that may be provided by the client and remote administrator instructions that may be provided by the client, the remote operating system denies permission to the non-supported data.
- According to embodiments of the invention, after the data is analyzed, processed and scrubbed, the scrubbed data may be sent to the client. According to embodiments of the invention, feedback and control systems may perform one or more of showing the progress of the network transfer, allowing the client to cancel the process, showing an estimated transfer time, and the like. According to embodiments of the invention, duplicate transfer operations may be detected and stopped so as to conserve bandwidth.
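- The type analysis, policy table, scrubbing, denial of unsupported content and duplicate detection described above can be sketched as follows. This is an added example, not code from the patent or its assignee: `POLICY`, `ClipGate`, `scrub_png` and the sample payloads are constructed names and data, and the PNG step is a chunk-level rebuild (critical chunks only, CRCs recomputed) standing in for a full pixel re-encode.

```python
import hashlib
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
CRITICAL = {b"IHDR", b"PLTE", b"IDAT", b"IEND"}

# Constructed administrator table (hypothetical): content type -> action.
POLICY = {"text": "scrub", "png": "scrub_notify", "jpeg": "block"}


def detect_type(data: bytes) -> str:
    """Classify by magic bytes; else 'text' if >= 90% of decodable chars are printable."""
    if data.startswith(PNG_SIG):
        return "png"
    if data.startswith(b"\xff\xd8\xff"):
        return "jpeg"
    chars = data.decode("utf-8", errors="ignore")
    ok = sum(c.isprintable() or c in "\t\r\n" for c in chars)
    return "text" if chars and ok / len(chars) >= 0.9 else "unknown"


def scrub_text(data: bytes) -> bytes:
    """Keep printable characters and tab/CR/LF; strip embedded binary."""
    chars = data.decode("utf-8", errors="ignore")
    return "".join(c for c in chars if c.isprintable() or c in "\t\r\n").encode("utf-8")


def make_chunk(ctype: bytes, body: bytes) -> bytes:
    """Serialize one PNG chunk: length, type, body, CRC-32 over type + body."""
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def scrub_png(data: bytes) -> bytes:
    """Rebuild a PNG from validated critical chunks only.

    Ancillary chunks (tEXt, eXIf, ...) and bytes after IEND are dropped.
    Raises ValueError when the structure cannot be processed cleanly.
    """
    out, pos, first = [PNG_SIG], len(PNG_SIG), True
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 8 + length
        if end + 4 > len(data):
            raise ValueError("truncated chunk")
        body = data[pos + 8:end]
        if struct.unpack(">I", data[end:end + 4])[0] != zlib.crc32(ctype + body):
            raise ValueError("CRC mismatch")
        if first and ctype != b"IHDR":
            raise ValueError("IHDR must come first")
        first = False
        if ctype in CRITICAL:
            out.append(make_chunk(ctype, body))
        if ctype == b"IEND":
            return b"".join(out)
        pos = end + 4
    raise ValueError("missing IEND")


SCRUBBERS = {"text": scrub_text, "png": scrub_png}


class ClipGate:
    """Applies the policy table to each clipboard or drag-and-drop payload."""

    def __init__(self, policy=POLICY):
        self.policy = policy
        self.sent = set()  # SHA-256 digests of payloads already transferred

    def process(self, data: bytes):
        """Return (verdict, cleaned_payload_or_None, detected_type)."""
        ctype = detect_type(data)
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.sent:
            return ("duplicate", None, ctype)   # stop the repeat transfer
        action = self.policy.get(ctype)
        if action is None:
            return ("denied", None, ctype)      # type not in the table
        if action == "block":
            return ("blocked", None, ctype)     # forbidden by policy
        try:
            clean = SCRUBBERS[ctype](data)
        except (KeyError, ValueError):
            return ("denied", None, ctype)      # not cleanly processed
        self.sent.add(digest)
        verdict = "allowed_with_notice" if action == "scrub_notify" else "allowed"
        return (verdict, clean, ctype)


def build_sample_png() -> bytes:
    """Constructed 1x1 grayscale PNG carrying a tEXt chunk and trailing bytes."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return (PNG_SIG + make_chunk(b"IHDR", ihdr)
            + make_chunk(b"tEXt", b"Comment\x00constructed ancillary data")
            + make_chunk(b"IDAT", zlib.compress(b"\x00\x00"))
            + make_chunk(b"IEND", b"") + b"TRAILING-BYTES")


if __name__ == "__main__":
    gate = ClipGate()
    for sample in (build_sample_png(), b"quarterly report\x00\x07 draft v2\n"):
        print(gate.process(sample))
```
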
- FIG. 1 is a conceptual block diagram showing an exemplary embodiment 100 of a dynamic clip analysis system for use in a networked server-client system. Depicted is a server-client system 100 where the client 110 is a client device 110. For example, the client device 110 may be one or more of a personal computer, a laptop computer, a mobile computing device, a tablet, and the like.
- The client 110 may comprise a client operating system 112. The client operating system 112 may comprise one or more of a client-side clipboard 115 and a client-side drag and drop utility 120. The client operating system 112 may also comprise data in various formats. For example, the client operating system 112 may comprise one or more of client-side links 125, client-side text data 130, client-side binary data 135, client-side objects 140, a client-side remote application module 150, and another data format 155. The other data format 155 may comprise one or more of an HTML object, an Object Linking and Embedding (OLE) object, hexadecimal data, and another data format. The client 110 may also comprise a client-side remote application module 150.
- One or more of the client-side links 125, the client-side text data 130, the client-side binary data 135, and the client-side objects 140 may transfer data to the client-side clipboard 115 via a client-side copy action 165, and a client-side remote application module 150. One or more of the client-side links 125, the client-side text data 130, the client-side binary data 135, and the client-side objects 140 may transfer data to the client-side drag and drop utility 120 via a client-side drag and drop action 166.
- The client operating system 112 may additionally comprise client-side storage 167. The client-side storage 167 comprises one or more of client-side administrator specifications 168 and client-side administrator functions 169. The client-side storage 167 is operably connected with the client-side remote application module 150.
- For example, the client-side administrator specifications 168 may comprise a configurable list of one or more types of client-side data content. For example, the client-side administrator functions 169 may comprise an appropriate action to take on one or more types of client-side data content. For example, one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the client-side data.
- One or more of the client-side administrator specifications and the client-side administrator functions may comprise client Intrusion Detector & Preventer (IDP) rules.
- The client 110 may use one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to specify desired limitations on content that is to be allowed permission by the system 100. For example, the client 110 may specify via client-side administrator specifications 168 that all JPEG content is to be blocked. For example, the client 110 may specify via client-side administrator functions 169 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted. For example, the client 110 may specify via client-side administrator specifications 168 that all PDF content comprising more than 100 kilobytes is to be permitted.
- For example, the client-side administrator specifications 168 may direct different processing for different client-side content type(s). For example, the client-side administrator specifications 168 may direct that the client-side image content be scrubbed in order to cleanse it. For example, the client-side administrator specifications 168 may direct that the remote sound content be normalized and re-encoded into a Motion Picture Experts Group Audio Layer III (MP3) format in order to cleanse it.
- For example, the client-side administrator functions 168 may direct that in the event the client-side image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the client-side image content. For example, the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the client-side sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it. For example, the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the client-side audio content.
- The system 100 also comprises a remote application 170. The remote application 170 may be interactively connected to the client 110 over a network 175 via the client-side remote application module 150. Typically, the client-side clipboard 115 and the client-side drag and drop utility 120 are used on a local device only. Embodiments of the invention provide these functions with advances in security relative to a network 175, which may be slow.
- The remote application 170 may comprise a remote operating system 180. The remote operating system 180 may comprise one or more of a remote clipboard 181 and a remote drag and drop utility 182 provided by its operating system. The remote operating system 180 may also comprise one or more of remote links 185, remote text data 184, remote binary data 185, and remote objects 186. The remote application 170 may also comprise a remote application processing block 187. The remote application processing block 187 can, as depicted in FIG. 1, be separate from the remote operating system 180. The remote application processing block 187 can alternatively be comprised in the remote operating system 180.
- One or more of the remote links 185, the remote text data 184, the remote binary data 185, and the remote objects 186 may transfer data to the remote clipboard 181 via a remote clipboard action 188. One or more of the remote links 185, the remote text data 184, the remote binary data 185, and the remote objects 186 may transfer data to the remote drag and drop utility 184 via a remote drag and drop action 189.
- The remote application 170 may additionally comprise remote storage 190. The remote storage 190 can, as depicted in FIG. 1, be separate from the remote operating system 180. If the remote storage 190 is separate from the remote operating system 180, the remote storage 190 can, as depicted in FIG. 1, be comprised in the remote application 170. Alternatively, the remote storage 190 can be comprised in a separate server (not shown), connected by another network connection (not shown) to the remote application 106. The remote storage 190 can alternatively be comprised in the remote operating system 180. Regardless of where it is located, the remote storage 190 is operably connected with the remote application processing block 187.
- The remote storage 190 comprises one or more of remote administrator specifications 191 and remote administrator instructions 192. For example, the remote administrator specifications 191 may comprise a configurable list of one or more types of remote data content. For example, the remote administrator instructions 192 may comprise an appropriate action to take on one or more types of remote data content. For example, one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the remote data.
- The remote application 170 may use one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to specify desired limitations on content that is to be allowed permission by the system 100. For example, the client 110 may specify via remote administrator specifications 191 that all JPEG content is to be blocked. For example, the client 110 may specify via remote administrator instructions 192 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted. For example, the client 110 may specify via remote administrator specifications 191 that all PDF content comprising more than 100 kilobytes is to be permitted.
- For example, the remote administrator specifications 191 may direct different processing for different remote content type(s). For example, the remote administrator specifications 191 may direct that the remote image content be scrubbed in order to cleanse it. For example, the remote administrator specifications 191 may direct that the remote sound content be normalized and re-encoded into an MP3 format in order to cleanse it.
- For example, the remote administrator instructions 192 may direct that in the event the remote image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the remote image content. For example, the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the remote sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it. For example, the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the remote audio content.
- The flow of data may occur from the client 110 to the remote application 170. Alternatively, or additionally, the flow of data may occur from the remote application 170 to the client 110.
- At the client 110, the client-side remote application module 150 initiates a client-side clipboard transfer action 193A. The client-side clipboard transfer action 193A transfers data from the client-side clipboard 115 to the client-side remote application module 150.
- Alternatively, or additionally, at the client 110, the client-side remote application module 150 initiates the client-side drag and drop transfer action 193B. The client-side drag and drop transfer action 193B transfers data from the client-side drag and drop utility 120 to the client-side remote application module 150.
- At the client 110, un-cleansed client data may be transmitted via a client-to-remote application transfer action 194 from the client-side remote application module 150 via the network 175 to the remote application processing block 187.
- At the remote application 170, in response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote clipboard transfer action 195A. The corresponding remote clipboard transfer action 195A transfers data corresponding to the client-side clipboard transfer action 193A from the remote clipboard 181 to the remote application processing block 187.
- Alternatively, or additionally, at the remote application 170, in response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote drag and drop transfer action 195B. The corresponding remote drag and drop transfer action 195B transfers data corresponding to the client-side drag and drop transfer action 193B from the remote drag and drop utility 182 to the remote application processing block 187.
- The remote application processing block 187 analyzes the remote data received in the client-to-remote application transfer action 194. The remote application processing block 187 also analyzes the remote data received from the remote clipboard 181 in the remote clipboard transfer action 195A. Alternatively, or additionally, the remote application processing block 187 analyzes the remote data received in the remote drag and drop transfer action 195B. For example, the remote application processing block 187 determines whether the received client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest. For example, client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
- After analyzing the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 processes the remote data.
- Optionally, the remote application processing block 187 accesses one or more of remote administrator specifications 191 and remote administrator instructions 192, which the remote application processing block 187 applies to determine the most appropriate methods for processing the remote data.
- As noted above, one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to processing the remote data. The processing of the remote data by the remote application processing block 187 may comprise scrubbing the remote data of potentially malicious content, for example, malware. The processing of the remote data by the remote application processing block 187 may comprise blocking the remote data based on one or more of remote administrator specifications 191 and remote administrator instructions 192. As noted above, for example, remote administrator specifications 191 may specify that all JPEG content is to be blocked. The processing of the remote data may comprise applying security mechanisms configured to scrub the remote content of potentially malicious content, for example, malware.
- Following the processing, the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of the remote administrator specifications 191 and the remote administrator instructions 192. The remote application processing block 187 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197.
- The remote application processing block 187 also can perform feedback and control functions. The feedback and control functions performed by the remote application processing block 187 may be directed in part or in whole by one or more of the remote administrator specifications 191 and the remote administrator instructions 192. The feedback and control functions performed by the remote application processing block 187 may comprise one or more of showing the progress of a client to remote application transfer action 194, showing the progress of a remote application to client transfer action 197, allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194, showing an estimated transfer time of a remote application to client transfer action 197, and de-duplication measures to prevent duplicate transmissions.
- After determining the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 optionally consults one or more of remote administrator specifications 191 and remote administrator instructions 192 to obtain input on how to process the remote data.
- Following the processing, the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of remote administrator specifications 191 and remote administrator instructions 192. The remote application processing block 187 then transmits the processed, re-encoded data via a remote application-to-client transfer action 197 from the remote application processing block 187 via the network 175 to the client-side remote application module 150.
- The client-side remote application module 150 also can perform feedback and control functions. The feedback and control functions performed by the client-side remote application module 150 may be directed in part or in whole by one or more of the client-side administrator specifications 168 and the remote administrator functions 169. The feedback and control functions performed by the client-side remote application module 150 may comprise one or more of showing the progress of a client to remote application transfer action 194, showing the progress of a remote application to client transfer action 197, allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194, showing an estimated transfer time of a remote application to client transfer action 197, and de-duplication measures to prevent duplicate transmissions.
- After analyzing the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 optionally consults one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to obtain input on how to process the received remote data.
- At the client 110, the client-side remote application module 150 analyzes the remote-side data received in the remote application-to-client transfer action 197. The client-side remote application module 150 also analyzes the client-side data from the client-side clipboard 115 in the client-side clipboard transfer action 193A. Alternatively, or additionally, the client-side remote application module 150 analyzes the type(s) of data in the client-side drag and drop transfer action 193B. For example, the client-side remote application module 150 determines whether the client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest. For example, client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
- After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193A and the client-side drag and drop transfer action 193B, the client-side remote application module 150 processes the client-side data.
- Optionally, the client-side remote application module 150 accesses one or more of client-side administrator specifications 168 and client-side administrator functions 169, which the client-side remote application module 150 applies to determine the most appropriate methods for processing the client-side data.
- As noted above, one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to processing the client-side data. The processing of the client-side data by the client-side remote application module 150 may comprise scrubbing the client-side data of potentially malicious content, for example, malware. The processing of the client-side data by the client-side remote application module 150 may comprise blocking the client-side data based on one or more of client-side administrator specifications 168 and client-side administrator functions 169. As noted above, for example, client-side administrator specifications 168 may specify that all JPEG content is to be blocked. The processing of the client-side data may comprise applying security mechanisms configured to scrub the client-side content of potentially malicious content, for example, malware.
- Following the processing, the client-side remote application module 150 re-encodes the client-side data, which is now free of potentially malicious data and is also compliant with one or more of client-side administrator specifications 168 and client-side administrator functions 169. The client-side remote application module 150 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197.
- After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193A and the client-side drag and drop transfer action 193B, the client-side remote application module 150 optionally consults one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to obtain input on how to process the client-side content type(s).
- FIG. 2 is a flowchart of a method 200 for dynamic clip analysis in a networked server-client system. The order of the steps in the method 200 is not constrained to that shown in FIG. 2 nor is it constrained to that described in the following discussion. Several of the steps could occur in a different order without affecting the final result.
- In block 210, the remote application receives from the client client-side content analysis performed at the client of one or more of a client-side clipboard and a client-side drag and drop utility. Block 210 then transfers control to block 220.
- In block 220, the remote application applies the received client-side content analysis. Block 220 then transfers control to block 230.
- In block 230, the remote application receives remote content from one or more of a remote clipboard and a remote drag and drop utility. Block 230 then transfers control to block 240.
- In block 240, the remote application analyzes the remote content. Block 240 then transfers control to block 250.
- In block 250, the remote application processes the remote content. Block 250 then transfers control to block 260.
- In block 260, the remote application re-encodes the remote content. Block 260 then terminates the process.
- While the above representative embodiments have been described with certain components in exemplary configurations, it will be understood by one of ordinary skill in the art that other representative embodiments can be implemented using different configurations and/or different components. For example, it will be understood by one of ordinary skill in the art that the order of certain fabrication steps and certain components can be altered without substantially impairing the functioning of the invention.
- The representative embodiments and disclosed subject matter, which have been described in detail herein, have been presented by way of example and illustration and not by way of limitation. It will be understood by those skilled in the art that various changes may be made in the form and details of the described embodiments resulting in equivalent embodiments that remain within the scope of the invention. It is intended, therefore, that the subject matter in the above description shall be interpreted as illustrative and shall not be interpreted in a limiting sense.
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/650,710 US20180129393A1 (en) | 2013-03-11 | 2017-07-14 | Dynamic clip analysis |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201361775854P | 2013-03-11 | 2013-03-11 | |
US201361777545P | 2013-03-12 | 2013-03-12 | |
US14/205,023 US9740390B2 (en) | 2013-03-11 | 2014-03-11 | Dynamic clip analysis |
US15/650,710 US20180129393A1 (en) | 2013-03-11 | 2017-07-14 | Dynamic clip analysis |
Related Parent Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/205,023 Continuation US9740390B2 (en) | 2013-03-11 | 2014-03-11 | Dynamic clip analysis |
Publications (1)
Publication Number | Publication Date |
---|---|
US20180129393A1 (en) | 2018-05-10 |
Family
ID=51489249
Family Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/205,023 Expired - Fee Related US9740390B2 (en) | 2013-03-11 | 2014-03-11 | Dynamic clip analysis |
US15/650,710 Abandoned US20180129393A1 (en) | 2013-03-11 | 2017-07-14 | Dynamic clip analysis |
Family Applications Before (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/205,023 Expired - Fee Related US9740390B2 (en) | 2013-03-11 | 2014-03-11 | Dynamic clip analysis |
Country Status (1)
Country | Link |
---|---|
US (2) | US9740390B2 (en) |
Also Published As
Publication number | Publication date |
---|---|
US20140258384A1 (en) | 2014-09-11 |
US9740390B2 (en) | 2017-08-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| | STPP | Information on status: patent application and granting procedure in general | Free format text: FINAL REJECTION MAILED |
| | STCB | Information on status: application discontinuation | Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
| | AS | Assignment | Owner name: SPIKES, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SPIKES, BRANDEN L.;SIMS, WALTER;REEL/FRAME:050755/0182 Effective date: 20140310 |
| | AS | Assignment | Owner name: CYBERINC CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SPIKES, INC.;REEL/FRAME:050755/0199 Effective date: 20190604 |