US20180129393A1 - Dynamic clip analysis - Google Patents

Publication number
US20180129393A1
Authority
US
United States
Prior art keywords
client
remote
remote application
content
clipboard
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US15/650,710
Inventor
Branden L. Spikes
Walter Sims
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cyberinc Corp
Original Assignee
Spikes Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Spikes Inc
Priority to US15/650,710
Publication of US20180129393A1
Assigned to Spikes, Inc.: assignment of assignors interest (see document for details). Assignors: Sims, Walter; Spikes, Branden L.
Assigned to Cyberinc Corporation: assignment of assignors interest (see document for details). Assignors: Spikes, Inc.
Current legal status: Abandoned

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00: Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01: Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048: Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0484: Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
    • G06F3/0486: Drag-and-drop
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/56: Computer malware detection or handling, e.g. anti-virus arrangements
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46: Multiprogramming arrangements
    • G06F9/54: Interprogram communication
    • G06F9/543: User-generated data transfer, e.g. clipboards, dynamic data exchange [DDE], object linking and embedding [OLE]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/02: Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025: Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Definitions

  • FIG. 1 is a conceptual block diagram showing an exemplary embodiment of a dynamic clip analysis system for use in a networked server-client system.
  • FIG. 2 is a flowchart of a method for dynamic clip analysis in a networked server-client system.
  • the clipboard is a software utility that can be used for short-term data storage and/or data transfer between documents or applications, via copy and paste operations.
  • drag and drop is a software utility that can be performed on objects to transfer data between documents or applications. These two utilities are most commonly part of a graphical user interface (GUI) environment.
  • GUI graphical user interface
  • An operating system may comprise one clipboard.
  • An operating system may comprise multiple clipboards.
  • An operating system may comprise one drag and drop utility.
  • An operating system may comprise multiple drag and drop utilities.
  • a typical application accesses clipboard functionality by mapping to these interfaces client input such as one or more of key bindings, menu selections, and the like.
  • a typical application may access drag and drop by touch-dragging movements.
  • a typical application may access drag and drop via a series of sequential interactions by one or more of a mouse, a glide pad, and an analogous device. For example, one typical series of sequential interactions that may access drag and drop is a click, a hold, a drag, and a release.
  • the data contained within a clipboard or within a drag and drop can take many forms, with varying degrees of risk of malicious software, also known as malware. If unchecked, these facilities can be used to transmit malware through the browser link.
  • user interfaces for a clipboard and for drag and drop are not necessarily designed to provide the optimum controls, feedback, and performance when one or more of these two utilities is used over network links.
  • Clipboards are traditionally comprised in a single computer and share memory space, so copy and paste functions are substantially instantaneous. Remote clipboards may suffer from time delays due to network latency, which may create confusion for clients expecting instant access to clipboard data.
  • Many existing virtual desktop infrastructures (VDI's) and remote application systems permit the use of a clipboard over a network. Typically such systems do not provide a client with feedback about the time that may be required for transmission of large amounts of data.
  • VDI's virtual desktop infrastructures
  • GB gigabytes
  • a balloon may pop up to provide the client with an indication of the status of the data transfer and the estimated time to complete the transfer.
  • the remote operating system may analyze which data type is in the clipboard and may process the data. According to other embodiments of the invention, the remote operating system may securely apply the action that is most appropriate for that data. According to embodiments of the invention, the remote operating system may access a table comprising one or more of data types and mechanisms for processing the data. According to embodiments of the invention, the mechanisms for processing the data may comprise scrubbing the data to cleanse any malicious content. According to embodiments of the invention, data that is not cleanly processed or that is forbidden by the policy set by the client may not be allowed permission to be copied to the clipboard or to be pasted over the network. According to yet other embodiments of the invention, the analyzed and processed data may be transmitted to the client.
  • Examples of supported clipboard data types may include, but are not limited to one or more of text content, image content, video content, word processing content, presentation content, spreadsheet content, zip content, text Hypertext Markup Language (HTML) content, Portable Document Format (PDF) content, and other content of interest.
  • HTML Hypertext Markup Language
  • PDF Portable Document Format
  • image content comprises one or more of Joint Photographic Experts Group (JPEG) content, graphic interchange format (GIF) content, Portable Network Graphics (PNG) content, and other image content.
  • JPEG Joint Photographic Experts Group
  • GIF graphic interchange format
  • PNG Portable Network Graphics
  • video content comprises one or more of Flash Video File (FLV) content, Motion Picture Experts Group (MPG) video content, Motion Picture Experts Group 4 (MP4) video content, Windows Media Video (WMV) content, and other video content.
  • FLV Flash Video File
  • MPG Motion Picture Experts Group
  • MP4 Motion Picture Experts Group 4
  • WMV Windows Media Video
  • word processing content comprises one or more of Microsoft Word content, WordPerfect content, Apple Pages content, Google Docs content, Ted content, and other word processing content.
  • presentation content comprises one or more of Microsoft Power Point content, Corel Presentations content, Apple Keynote content, Lotus Freelance Graphics content, and other presentation content.
  • spreadsheet content comprises one or more of Microsoft Excel content, Quattro Pro content, Apple Numbers content, Lotus 1-2-3 content, and other spreadsheet content.
  • any potential binary data may be stripped out.
  • If, after analyzing and processing the received data, the remote operating system identifies the received data as valid content, the remote operating system re-encodes the received data while excluding potentially malicious data.
  • the processing comprises excluding potentially malicious data, for example, a potentially corrupted image.
  • If the remote operating system determines that the data does not match a supported data type, the remote operating system denies permission to the non-supported data. If the remote operating system determines that the data is not consistent with one or more of remote administrator specifications that may be provided by the client and remote administrator instructions that may be provided by the client, the remote operating system denies permission to the non-supported data.
  • the scrubbed data may be sent to the client.
  • feedback and control systems may perform one or more of showing the progress of the network transfer, allowing the client to cancel the process, showing an estimated transfer time, and the like.
  • duplicate transfer operations may be detected and stopped so as to conserve bandwidth.
  • FIG. 1 is a conceptual block diagram showing an exemplary embodiment 100 of a dynamic clip analysis system for use in a networked server-client system. Depicted is a server-client system 100 where the client 110 is a client device 110 .
  • the client device 110 may be one or more of a personal computer, a laptop computer, a mobile computing device, a tablet, and the like.
  • the client 110 may comprise a client operating system 112 .
  • the client operating system 112 may comprise one or more of a client-side clipboard 115 and a client-side drag and drop utility 120 .
  • the client operating system 112 may also comprise data in various formats.
  • the client operating system 112 may comprise one or more of client-side links 125 , client-side text data 130 , client-side binary data 135 , client-side objects 140 , a client-side remote application module 150 , and another data format 155 .
  • the other data format 155 may comprise one or more of an HTML object, an Object Linking and Embedding (OLE) object, hexadecimal data, and another data format.
  • the client 110 may also comprise a client-side remote application module 150 .
  • One or more of the client-side links 125 , the client-side text data 130 , the client-side binary data 135 , and the client-side objects 140 may transfer data to the client-side clipboard 115 via a client-side copy action 165 , and a client-side remote application module 150 .
  • One or more of the client-side links 125 , the client-side text data 130 , the client-side binary data 135 , and the client-side objects 140 may transfer data to the client-side drag and drop utility 120 via a client-side drag and drop action 166 .
  • the client operating system 112 may additionally comprise client-side storage 167 .
  • the client-side storage 167 comprises one or more of client-side administrator specifications 168 and client-side administrator functions 169 .
  • the client-side storage 167 is operably connected with the client-side remote application module 150 .
  • the client-side administrator specifications 168 may comprise a configurable list of one or more types of client-side data content.
  • the client-side administrator functions 169 may comprise an appropriate action to take on one or more types of client-side data content.
  • one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the client-side data.
  • One or more of the client-side administrator specifications and the client-side administrator functions may comprise client Intrusion Detector & Preventer (IDP) rules.
  • IDP Intrusion Detector & Preventer
  • the client 110 may use one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to specify desired limitations on content that is to be allowed permission by the system 100 .
  • the client 110 may specify via client-side administrator specifications 168 that all JPEG content is to be blocked.
  • the client 110 may specify via client-side administrator functions 169 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted.
  • the client 110 may specify via client-side administrator specifications 168 that all PDF content comprising more than 100 kilobytes is to be permitted.
  • the client-side administrator specifications 168 may direct different processing for different client-side content type(s). For example, the client-side administrator specifications 168 may direct that the client-side image content be scrubbed in order to cleanse it. For example, the client-side administrator specifications 168 may direct that the remote sound content be normalized and re-encoded into a Motion Picture Experts Group Audio Layer III (MP3) format in order to cleanse it.
  • MP3 Motion Picture Experts Group Audio Layer III
  • the client-side administrator functions 168 may direct that in the event the client-side image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the client-side image content.
  • the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the client-side sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it.
  • WAV Waveform Audio File
  • the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the client-side audio content.
  • the system 100 also comprises a remote application 170 .
  • the remote application 170 may be interactively connected to the client 110 over a network 175 via the client-side remote application module 150 .
  • the client-side clipboard 115 and the client-side drag and drop utility 120 are used on a local device only. Embodiments of the invention provide these functions with advances in security relative to a network 175 , which may be slow.
  • the remote application 170 may comprise a remote operating system 180 .
  • the remote operating system 180 may comprise one or more of a remote clipboard 181 and a remote drag and drop utility 182 provided by its operating system.
  • the remote operating system 180 may also comprise one or more of remote links 185 , remote text data 184 , remote binary data 185 , and remote objects 186 .
  • the remote application 170 may also comprise a remote application processing block 187 .
  • the remote application processing block 187 can, as depicted in FIG. 1 , be separate from the remote operating system 180 .
  • the remote application processing block 187 can alternatively be comprised in the remote operating system 180 .
  • One or more of the remote links 185 , the remote text data 184 , the remote binary data 185 , and the remote objects 186 may transfer data to the remote clipboard 181 via a remote clipboard action 188 .
  • One or more of the remote links 185 , the remote text data 184 , the remote binary data 185 , and the remote objects 186 may transfer data to the remote drag and drop utility 184 via a remote drag and drop action 189 .
  • the remote application 170 may additionally comprise remote storage 190 .
  • the remote storage 190 can, as depicted in FIG. 1, be separate from the remote operating system 180. If the remote storage 190 is separate from the remote operating system 180, the remote storage 190 can, as depicted in FIG. 1, be comprised in the remote application 170. Alternatively, the remote storage 190 can be comprised in a separate server (not shown), connected by another network connection (not shown) to the remote application 106. The remote storage 190 can alternatively be comprised in the remote operating system 180. Regardless of where it is located, the remote storage 190 is operably connected with the remote application processing block 187.
  • the remote storage 190 comprises one or more of remote administrator specifications 191 and remote administrator instructions 192 .
  • the remote administrator specifications 191 may comprise a configurable list of one or more types of remote data content.
  • the remote administrator instructions 192 may comprise an appropriate action to take on one or more types of remote data content.
  • one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the remote data.
  • the remote application 170 may use one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to specify desired limitations on content that is to be allowed permission by the system 100 .
  • the client 110 may specify via remote administrator specifications 191 that all JPEG content is to be blocked.
  • the client 110 may specify via remote administrator instructions 192 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted.
  • the client 110 may specify via remote administrator specifications 191 that all PDF content comprising more than 100 kilobytes is to be permitted.
  • the remote administrator specifications 191 may direct different processing for different remote content type(s). For example, the remote administrator specifications 191 may direct that the remote image content be scrubbed in order to cleanse it. For example, the remote administrator specifications 191 may direct that the remote sound content be normalized and re-encoded into an MP3 format in order to cleanse it.
  • the remote administrator instructions 192 may direct that in the event the remote image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the remote image content.
  • the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the remote sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it.
  • the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the remote audio content.
  • the flow of data may occur from the client 110 to the remote application 170 . Alternatively, or additionally, the flow of data may occur from the remote application 170 to the client 110 .
  • the client-side remote application module 150 initiates a client-side clipboard transfer action 193 A.
  • the client-side clipboard transfer action 193 A transfers data from the client-side clipboard 115 to the client-side remote application module 150 .
  • the client-side remote application module 150 initiates the client-side drag and drop transfer action 193 B.
  • the client-side drag and drop transfer action 193 B transfers data from the client-side drag and drop utility 120 to the client-side remote application module 150 .
  • un-cleansed client data may be transmitted via a client-to-remote application transfer action 194 from the client-side remote application module 150 via the network 175 to the remote application processing block 187 .
  • In response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote clipboard transfer action 195A.
  • the corresponding remote clipboard transfer action 195 A transfers data corresponding to the client-side clipboard transfer action 193 A from the remote clipboard 181 to the remote application processing block 187 .
  • In response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote drag and drop transfer action 195B.
  • the corresponding remote drag and drop transfer action 195 B transfers data corresponding to the client-side drag and drop transfer action 193 B from the remote drag and drop utility 182 to the remote application processing block 187 .
  • the remote application processing block 187 analyzes the remote data received in the client-to-remote application transfer action 194 .
  • the remote application processing block 187 also analyzes the remote data received from the remote clipboard 181 in the remote clipboard transfer action 195 A.
  • the remote application processing block 187 analyzes the remote data received in the remote drag and drop transfer action 195 B.
  • the remote application processing block 187 determines whether the received client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest.
  • client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
  • After analyzing the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 processes the remote data.
  • the remote application processing block 187 accesses one or more of remote administrator specifications 191 and remote administrator instructions 192 , which the remote application processing block 187 applies to determine the most appropriate methods for processing the remote data.
  • one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to processing the remote data.
  • the processing of the remote data by the remote application processing block 187 may comprise scrubbing the remote data of potentially malicious content, for example, malware.
  • the processing of the remote data by the remote application processing block 187 may comprise blocking the remote data based on one or more of remote administrator specifications 191 and remote administrator instructions 192 .
  • remote administrator specifications 191 may specify that all JPEG content is to be blocked.
  • the processing of the remote data may comprise applying security mechanisms configured to scrub the remote content of potentially malicious content, for example, malware.
  • the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of the remote administrator specifications 191 and the remote administrator instructions 192 .
  • the remote application processing block 187 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197 .
  • the remote application processing block 187 also can perform feedback and control functions.
  • the feedback and control functions performed by the remote application processing block 187 may be directed in part or in whole by one or more of the remote administrator specifications 191 and the remote administrator instructions 192 .
  • the feedback and control functions performed by the remote application processing block 187 may comprise one or more of showing the progress of a client to remote application transfer action 194 , showing the progress of a remote application to client transfer action 197 , allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194 , showing an estimated transfer time of a remote application to client transfer action 197 , and de-duplication measures to prevent duplicate transmissions.
  • After determining the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 optionally consults one or more of remote administrator specifications 191 and remote administrator instructions 192 to obtain input on how to process the remote data.
  • the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of remote administrator specifications 191 and remote administrator instructions 192 .
  • the remote application processing block 187 then transmits the processed, re-encoded data via a remote application-to-client transfer action 197 from the remote application processing block 187 via the network 175 to the client-side remote application module 150 .
  • the client-side remote application module 150 also can perform feedback and control functions.
  • the feedback and control functions performed by the client-side remote application module 150 may be directed in part or in whole by one or more of the client-side administrator specifications 168 and the remote administrator functions 169 .
  • the feedback and control functions performed by the client-side remote application module 150 may comprise one or more of showing the progress of a client to remote application transfer action 194 , showing the progress of a remote application to client transfer action 197 , allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194 , showing an estimated transfer time of a remote application to client transfer action 197 , and de-duplication measures to prevent duplicate transmissions.
  • After analyzing the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 optionally consults one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to obtain input on how to process the received remote data.
  • the client-side remote application module 150 analyzes the remote-side data received in the remote application-to-client transfer action 197 .
  • the client-side remote application module 150 also analyzes the client-side data from the client-side clipboard 115 in the client-side clipboard transfer action 193 A.
  • the client-side remote application module 150 analyzes the type(s) of data in the client-side drag and drop transfer action 193 B.
  • the client-side remote application module 150 determines whether the client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest.
  • client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
  • After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193A and the client-side drag and drop transfer action 193B, the client-side remote application module 150 processes the client-side data.
  • the client-side remote application module 150 accesses one or more of client-side administrator specifications 168 and client-side administrator functions 169 , which the client-side remote application module 150 applies to determine the most appropriate methods for processing the client-side data.
  • one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to processing the client-side data.
  • the processing of the client-side data by the client-side remote application module 150 may comprise scrubbing the client-side data of potentially malicious content, for example, malware.
  • the processing of the client-side data by the client-side remote application module 150 may comprise blocking the client-side data based on one or more of client-side administrator specifications 168 and client-side administrator functions 169 .
  • client-side administrator specifications 168 may specify that all JPEG content is to be blocked.
  • the processing of the client-side data may comprise applying security mechanisms configured to scrub the client-side content of potentially malicious content, for example, malware.
  • the client-side remote application module 150 re-encodes the client-side data, which is now free of potentially malicious data and is also compliant with one or more of client-side administrator specifications 168 and client-side administrator functions 169 .
  • the client-side remote application module 150 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197 .
  • the client-side remote application module 150 After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193 A and the client-side drag and drop transfer action 193 B, the client-side remote application module 150 optionally consults one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to obtain input on how to process the client-side content type(s).
  • FIG. 2 is a flowchart of a method 200 for dynamic clip analysis in a networked server-client system.
  • the order of the steps in the method 200 is not constrained to that shown in FIG. 2 nor is it constrained to that described in the following discussion. Several of the steps could occur in a different order without affecting the final result.
  • the remote application receives from the client client-side content analysis performed at the client of one or more of a client-side clipboard and a client-side drag and drop utility. Block 210 then transfers control to block 220 .
  • Block 220 the remote application applies the received client-side content analysis. Block 220 then transfers control to block 230 .
  • the remote application receives remote content from one or more of a remote clipboard and a remote drag and drop utility. Block 230 then transfers control to block 240 .
  • Block 240 the remote application analyzes the remote content. Block 240 then transfers control to block 250 .
  • Block 250 the remote application processes the remote content. Block 250 then transfers control to block 260 .
  • Block 260 the remote application re-encodes the remote content. Block 260 then terminates the process.

Abstract

A dynamic clip analysis system for use in a networked server-client system includes: a client including a client-side remote application module configured to analyze content from one or more of a client-side clipboard and a client-side drag and drop utility; and a remote application interactively connected with the client over a network via the client-side remote application module, the remote application including: one or more of a remote clipboard and a remote drag and drop utility; and a client-side remote application module configured to analyze content from one or more of the remote clipboard and the remote drag and drop utility, so as to perform dynamic clip analysis in the server-client system.

Description

    PRIORITY CLAIM
  • The present application claims the priority benefit of U.S. provisional patent application No. 61/775,854 filed Mar. 11, 2013 and entitled “Dynamic Clip Analysis,” the disclosure of which is incorporated herein by reference.
  • CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application contains subject matter that is related to the subject matter of the following applications, which are assigned to the same assignee as this application. The below-listed U.S. patent applications are hereby incorporated herein by reference in their entirety:
      • “TUNABLE INTRUSION PREVENTION WITH FORENSIC ANALYSIS,” by Spikes and Sims, co-filed herewith.
      • “APPLICATION MALWARE ISOLATION VIA HARDWARE SEPARATION,” by Spikes, to be filed on Mar. 12, 2014, to claim the priority benefit of U.S. provisional patent application No. 61/777,545 filed Mar. 12, 2013 and entitled “Application Malware Isolation Via Hardware Separation.”
    SUMMARY
    DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a conceptual block diagram showing an exemplary embodiment of a dynamic clip analysis system for use in a networked server-client system.
  • FIG. 2 is a flowchart of a method for dynamic clip analysis in a networked server-client system.
  • DETAILED DESCRIPTION
  • The clipboard is a software utility that can be used for short-term data storage and/or data transfer between documents or applications, via copy and paste operations. Similarly, drag and drop is a software utility that can be performed on objects to transfer data between documents or applications. These two utilities are most commonly part of a graphical user interface (GUI) environment. The clipboard and drag and drop can typically be accessed via defined programming interfaces from most or all programs within the environment.
  • An operating system may comprise one clipboard. An operating system may comprise multiple clipboards. An operating system may comprise one drag and drop utility. An operating system may comprise multiple drag and drop utilities. A typical application accesses clipboard functionality by mapping to these interfaces client input such as one or more of key bindings, menu selections, and the like. A typical application may access drag and drop by touch-dragging movements. Alternatively, or additionally, a typical application may access drag and drop via a series of sequential interactions by one or more of a mouse, a glide pad, and an analogous device. For example, one typical series of sequential interactions that may access drag and drop is a click, a hold, a drag, and a release. The data contained within a clipboard or within a drag and drop can take many forms, with varying degrees of risk of malicious software, also known as malware. If unchecked, these facilities can be used to transmit malware through the browser link. In addition, user interfaces for a clipboard and for drag and drop are not necessarily designed to provide the optimum controls, feedback, and performance when one or more of these two utilities is used over network links.
  • Clipboards are traditionally comprised in a single computer and share memory space, so copy and paste functions are substantially instantaneous. Remote clipboards may suffer from time delays due to network latency, which may create confusion for clients expecting instant access to clipboard data. Many existing virtual desktop infrastructures (VDIs) and remote application systems permit the use of a clipboard over a network. Typically such systems do not provide a client with feedback about the time that may be required for transmission of large amounts of data. According to embodiments of the invention, if a client tries to cut and paste 2 gigabytes (GB) of data over a network, the client will be informed regarding the expected transfer time. According to embodiments of the invention, a balloon may pop up to provide the client with an indication of the status of the data transfer and the estimated time to complete the transfer.
  • According to embodiments of the invention, if a client is pasting from the clipboard or is dragging and dropping an object, the remote operating system may analyze which data type is in the clipboard and may process the data. According to other embodiments of the invention, the remote operating system may securely apply the action that is most appropriate for that data. According to embodiments of the invention, the remote operating system may access a table comprising one or more of data types and mechanisms for processing the data. According to embodiments of the invention, the mechanisms for processing the data may comprise scrubbing the data to cleanse any malicious content. According to embodiments of the invention, data that is not cleanly processed or that is forbidden by the policy set by the client may not be allowed permission to be copied to the clipboard or to be pasted over the network. According to yet other embodiments of the invention, the analyzed and processed data may be transmitted to the client.
  • Examples of supported clipboard data types may include, but are not limited to one or more of text content, image content, video content, word processing content, presentation content, spreadsheet content, zip content, text Hypertext Markup Language (HTML) content, Portable Document Format (PDF) content, and other content of interest.
  • For example, image content comprises one or more of Joint Photographic Experts Group (JPEG) content, graphic interchange format (GIF) content, Portable Network Graphics (PNG) content, and other image content.
  • For example, video content comprises one or more of Flash Video File (FLV) content, Motion Picture Experts Group (MPG) video content, Motion Picture Experts Group 4 (MP4) video content, Windows Media Video (WMV) content, and other video content.
  • For example, word processing content comprises one or more of Microsoft Word content, WordPerfect content, Apple Pages content, Google Docs content, Ted content, and other word processing content.
  • For example, presentation content comprises one or more of Microsoft PowerPoint content, Corel Presentations content, Apple Keynote content, Lotus Freelance Graphics content, and other presentation content.
  • For example, spreadsheet content comprises one or more of Microsoft Excel content, Quattro Pro content, Apple Numbers content, Lotus 1-2-3 content, and other spreadsheet content. According to embodiments of the invention, if the remote operating system identifies the data as text data, any potential binary data may be stripped out.
  • According to other embodiments of the invention, if after analyzing and processing the received data, the remote operating system identifies the received data as valid content, the remote operating system re-encodes the received data while excluding potentially malicious data. According to still other embodiments of the invention, the processing comprises excluding potentially malicious data, for example, a potentially corrupted image.
  • If the remote operating system determines that the data does not match a supported data type, the remote operating system denies permission to the non-supported data. If the remote operating system determines that the data is not consistent with one or more of remote administrator specifications that may be provided by the client and remote administrator instructions that may be provided by the client, the remote operating system denies permission to the non-supported data.
  • According to embodiments of the invention, after the data is analyzed, processed and scrubbed, the scrubbed data may be sent to the client. According to embodiments of the invention, feedback and control systems may perform one or more of showing the progress of the network transfer, allowing the client to cancel the process, showing an estimated transfer time, and the like. According to embodiments of the invention, duplicate transfer operations may be detected and stopped so as to conserve bandwidth.
  • FIG. 1 is a conceptual block diagram showing an exemplary embodiment 100 of a dynamic clip analysis system for use in a networked server-client system. Depicted is a server-client system 100 where the client 110 is a client device 110. For example, the client device 110 may be one or more of a personal computer, a laptop computer, a mobile computing device, a tablet, and the like.
  • The client 110 may comprise a client operating system 112. The client operating system 112 may comprise one or more of a client-side clipboard 115 and a client-side drag and drop utility 120. The client operating system 112 may also comprise data in various formats. For example, the client operating system 112 may comprise one or more of client-side links 125, client-side text data 130, client-side binary data 135, client-side objects 140, a client-side remote application module 150, and another data format 155. The other data format 155 may comprise one or more of an HTML object, an Object Linking and Embedding (OLE) object, hexadecimal data, and another data format. The client 110 may also comprise a client-side remote application module 150.
  • One or more of the client-side links 125, the client-side text data 130, the client-side binary data 135, and the client-side objects 140 may transfer data to the client-side clipboard 115 via a client-side copy action 165, and a client-side remote application module 150. One or more of the client-side links 125, the client-side text data 130, the client-side binary data 135, and the client-side objects 140 may transfer data to the client-side drag and drop utility 120 via a client-side drag and drop action 166.
  • The client operating system 112 may additionally comprise client-side storage 167. The client-side storage 167 comprises one or more of client-side administrator specifications 168 and client-side administrator functions 169. The client-side storage 167 is operably connected with the client-side remote application module 150.
  • For example, the client-side administrator specifications 168 may comprise a configurable list of one or more types of client-side data content. For example, the client-side administrator functions 169 may comprise an appropriate action to take on one or more types of client-side data content. For example, one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the client-side data.
  • One or more of the client-side administrator specifications and the client-side administrator functions may comprise client Intrusion Detector & Preventer (IDP) rules.
  • The client 110 may use one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to specify desired limitations on content that is to be allowed permission by the system 100. For example, the client 110 may specify via client-side administrator specifications 168 that all JPEG content is to be blocked. For example, the client 110 may specify via client-side administrator functions 169 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted. For example, the client 110 may specify via client-side administrator specifications 168 that all PDF content comprising more than 100 kilobytes is to be permitted.
  • For example, the client-side administrator specifications 168 may direct different processing for different client-side content type(s). For example, the client-side administrator specifications 168 may direct that the client-side image content be scrubbed in order to cleanse it. For example, the client-side administrator specifications 168 may direct that the remote sound content be normalized and re-encoded into a Motion Picture Experts Group Audio Layer III (MP3) format in order to cleanse it.
  • For example, the client-side administrator functions 168 may direct that in the event the client-side image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the client-side image content. For example, the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the client-side sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it. For example, the client-side administrator functions 168 may direct that in the event the client-side sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the client-side audio content.
  • The system 100 also comprises a remote application 170. The remote application 170 may be interactively connected to the client 110 over a network 175 via the client-side remote application module 150. Typically, the client-side clipboard 115 and the client-side drag and drop utility 120 are used on a local device only. Embodiments of the invention provide these functions with advances in security relative to a network 175, which may be slow.
  • The remote application 170 may comprise a remote operating system 180. The remote operating system 180 may comprise one or more of a remote clipboard 181 and a remote drag and drop utility 182 provided by its operating system. The remote operating system 180 may also comprise one or more of remote links 185, remote text data 184, remote binary data 185, and remote objects 186. The remote application 170 may also comprise a remote application processing block 187. The remote application processing block 187 can, as depicted in FIG. 1, be separate from the remote operating system 180. The remote application processing block 187 can alternatively be comprised in the remote operating system 180.
  • One or more of the remote links 185, the remote text data 184, the remote binary data 185, and the remote objects 186 may transfer data to the remote clipboard 181 via a remote clipboard action 188. One or more of the remote links 185, the remote text data 184, the remote binary data 185, and the remote objects 186 may transfer data to the remote drag and drop utility 184 via a remote drag and drop action 189.
  • The remote application 170 may additionally comprise remote storage 190. The remote storage 190 can, as depicted in FIG. 1, be separate from the remote operating system 180. If the remote storage 190 is separate from the remote operating system 180, the remote storage 190 can, as depicted in FIG. 1, be comprised in the remote application 170. Alternatively, the remote storage 190 can be comprised in a separate server (not shown), connected by another network connection (not shown) to the remote application 106. The remote storage 190 can alternatively be comprised in the remote operating system 180. Regardless of where it is located, the remote storage 190 is operably connected with the remote application processing block 187.
  • The remote storage 190 comprises one or more of remote administrator specifications 191 and remote administrator instructions 192. For example, the remote administrator specifications 191 may comprise a configurable list of one or more types of remote data content. For example, the remote administrator instructions 192 may comprise an appropriate action to take on one or more types of remote data content. For example, one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to the one or more appropriate actions for the remote data.
  • The remote application 170 may use one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to specify desired limitations on content that is to be allowed permission by the system 100. For example, the client 110 may specify via remote administrator specifications 191 that all JPEG content is to be blocked. For example, the client 110 may specify via remote administrator instructions 192 that all PNG content arriving from a particular remote application is to be permitted but with a notice to be transmitted to the client 110 each time it is transmitted. For example, the client 110 may specify via remote administrator specifications 191 that all PDF content comprising more than 100 kilobytes is to be permitted.
  • For example, the remote administrator specifications 191 may direct different processing for different remote content type(s). For example, the remote administrator specifications 191 may direct that the remote image content be scrubbed in order to cleanse it. For example, the remote administrator specifications 191 may direct that the remote sound content be normalized and re-encoded into an MP3 format in order to cleanse it.
  • For example, the remote administrator instructions 192 may direct that in the event the remote image content cannot be re-encoded in order to cleanse it, an anti-virus scan should be performed on the remote image content. For example, the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format in order to cleanse it, that the remote sound content be normalized and re-encoded into the Waveform Audio File (WAV) format in order to cleanse it. For example, the remote administrator instructions 192 may direct that in the event the remote sound content cannot be normalized and re-encoded into the MP3 format and cannot be normalized and re-encoded into the WAV format in order to cleanse it, an anti-virus scan should be performed on the remote audio content.
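The analysis by content type, the administrator tables, and the re-encode-then-fall-back order described above can be sketched as follows. This is an added example, not code from the patent or from any product: the table layout, the action names, the `MAX_RAW` cap and the `av_scan` hook are assumptions, and PNG (non-interlaced only) stands in for the image types the text lists.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
MAX_RAW = 64 * 1024 * 1024  # assumed cap on decoded pixel data (bomb guard)
# Leading magic bytes -> content type (subset of the types the text lists).
MAGIC = [(PNG_SIG, "png"), (b"\xff\xd8\xff", "jpeg"), (b"GIF87a", "gif"),
         (b"GIF89a", "gif"), (b"%PDF-", "pdf"), (b"PK\x03\x04", "zip")]
# Assumed administrator table: type -> ordered actions. The next action runs
# only if the previous one fails; a type with no entry is denied.
POLICY = {"text": ["strip_binary"], "png": ["reencode_png", "av_scan"],
          "jpeg": ["block"]}

def analyze(data):
    """Classify by content, never by a declared name or MIME type."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    try:
        data.decode("utf-8")
    except UnicodeDecodeError:
        return "unknown"
    return "text"

def strip_binary(data):
    """Keep printable characters and ordinary whitespace only."""
    text = data.decode("utf-8")
    return "".join(c for c in text
                   if c.isprintable() or c in "\n\r\t").encode("utf-8")

def chunk(ctype, body):
    """Serialise one PNG chunk with a freshly computed CRC."""
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def reencode_png(data):
    """Rebuild a PNG from validated critical chunks; ValueError if malformed."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos, crit, idat, ended = len(PNG_SIG), {}, [], False
    while pos + 12 <= len(data) and not ended:
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        crc = data[pos + 8 + length:pos + 12 + length]
        if len(body) != length or len(crc) != 4:
            raise ValueError("truncated chunk")
        if struct.unpack(">I", crc)[0] != zlib.crc32(ctype + body):
            raise ValueError("bad chunk CRC")
        pos += 12 + length
        if ctype == b"IDAT":
            idat.append(body)
        elif ctype in (b"IHDR", b"PLTE"):
            crit[ctype] = body
        ended = ctype == b"IEND"  # ancillary chunks, trailing bytes: dropped
    ihdr = crit.get(b"IHDR", b"")
    if len(ihdr) != 13 or not idat or not ended:
        raise ValueError("missing critical chunk")
    width, height, depth, color, _, _, interlace = struct.unpack(">IIBBBBB", ihdr)
    channels = {0: 1, 2: 3, 3: 1, 4: 2, 6: 4}.get(color)
    if (not (width and height and channels) or interlace
            or depth not in (1, 2, 4, 8, 16)):
        raise ValueError("unsupported header")  # interlaced: out of scope
    expected = height * (1 + (width * channels * depth + 7) // 8)
    if expected > MAX_RAW:
        raise ValueError("image too large")
    inflater = zlib.decompressobj()
    try:
        # Never inflate more than the header says the image needs.
        raw = inflater.decompress(b"".join(idat), expected + 1)
    except zlib.error as exc:
        raise ValueError("bad pixel stream") from exc
    if len(raw) != expected or not inflater.eof:
        raise ValueError("pixel data does not match header")
    out = PNG_SIG + chunk(b"IHDR", ihdr)
    if b"PLTE" in crit:
        out += chunk(b"PLTE", crit[b"PLTE"])
    return out + chunk(b"IDAT", zlib.compress(raw)) + chunk(b"IEND", b"")

def process(data, policy=POLICY, av_scan=lambda blob: False):
    """Return (type, verdict, bytes to forward); av_scan is a hypothetical hook."""
    kind = analyze(data)
    for action in policy.get(kind, ["block"]):
        if action == "block":
            break
        if action == "strip_binary":
            return kind, "scrubbed", strip_binary(data)
        if action == "reencode_png":
            try:
                return kind, "re-encoded", reencode_png(data)
            except ValueError:
                continue  # fall through to the next listed action
        if action == "av_scan" and av_scan(data):
            return kind, "scanned", data
    return kind, "denied", b""  # fail closed

def sample_png():
    """Constructed 1x1 grayscale PNG with a text chunk and appended bytes."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return (PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"tEXt", b"k\x00hidden")
            + chunk(b"IDAT", zlib.compress(b"\x00\x7f")) + chunk(b"IEND", b"")
            + b"TRAILING-BYTES")
```

Calling `process(sample_png())` forwards a PNG that contains only the header, pixel data and end marker; content with no table entry, or whose every listed action fails, is denied rather than passed through.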
  • The flow of data may occur from the client 110 to the remote application 170. Alternatively, or additionally, the flow of data may occur from the remote application 170 to the client 110.
  • At the client 110, the client-side remote application module 150 initiates a client-side clipboard transfer action 193A. The client-side clipboard transfer action 193A transfers data from the client-side clipboard 115 to the client-side remote application module 150.
  • Alternatively, or additionally, at the client 110, the client-side remote application module 150 initiates the client-side drag and drop transfer action 193B. The client-side drag and drop transfer action 193B transfers data from the client-side drag and drop utility 120 to the client-side remote application module 150.
  • At the client 110, un-cleansed client data may be transmitted via a client-to-remote application transfer action 194 from the client-side remote application module 150 via the network 175 to the remote application processing block 187.
  • At the remote application 170, in response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote clipboard transfer action 195A. The corresponding remote clipboard transfer action 195A transfers data corresponding to the client-side clipboard transfer action 193A from the remote clipboard 181 to the remote application processing block 187.
  • Alternatively, or additionally, at the remote application 170, in response to the client-to-remote application transfer action 194, the remote application processing block 187 initiates a corresponding remote drag and drop transfer action 195B. The corresponding remote drag and drop transfer action 195B transfers data corresponding to the client-side drag and drop transfer action 193B from the remote drag and drop utility 182 to the remote application processing block 187.
  • The remote application processing block 187 analyzes the remote data received in the client-to-remote application transfer action 194. The remote application processing block 187 also analyzes the remote data received from the remote clipboard 181 in the remote clipboard transfer action 195A. Alternatively, or additionally, the remote application processing block 187 analyzes the remote data received in the remote drag and drop transfer action 195B. For example, the remote application processing block 187 determines whether the received client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest. For example, client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
  • After analyzing the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 processes the remote data.
  • Optionally, the remote application processing block 187 accesses one or more of remote administrator specifications 191 and remote administrator instructions 192, which the remote application processing block 187 applies to determine the most appropriate methods for processing the remote data.
  • As noted above, one or more of the remote administrator specifications 191 and the remote administrator instructions 192 may comprise one or more tables configured to provide instructions as to processing the remote data. The processing of the remote data by the remote application processing block 187 may comprise scrubbing the remote data of potentially malicious content, for example, malware. The processing of the remote data by the remote application processing block 187 may comprise blocking the remote data based on one or more of remote administrator specifications 191 and remote administrator instructions 192. As noted above, for example, remote administrator specifications 191 may specify that all JPEG content is to be blocked. The processing of the remote data may comprise applying security mechanisms configured to scrub the remote content of potentially malicious content, for example, malware.
  • Following the processing, the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of the remote administrator specifications 191 and the remote administrator instructions 192. The remote application processing block 187 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197.
  • The remote application processing block 187 also can perform feedback and control functions. The feedback and control functions performed by the remote application processing block 187 may be directed in part or in whole by one or more of the remote administrator specifications 191 and the remote administrator instructions 192. The feedback and control functions performed by the remote application processing block 187 may comprise one or more of showing the progress of a client to remote application transfer action 194, showing the progress of a remote application to client transfer action 197, allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194, showing an estimated transfer time of a remote application to client transfer action 197, and de-duplication measures to prevent duplicate transmissions.
  • After determining the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 optionally consults one or more of remote administrator specifications 191 and remote administrator instructions 192 to obtain input on how to process the remote data.
  • Following the processing, the remote application processing block 187 re-encodes the remote data, which is now free of potentially malicious data and is also compliant with one or more of remote administrator specifications 191 and remote administrator instructions 192. The remote application processing block 187 then transmits the processed, re-encoded data via a remote application-to-client transfer action 197 from the remote application processing block 187 via the network 175 to the client-side remote application module 150.
  • The client-side remote application module 150 also can perform feedback and control functions. The feedback and control functions performed by the client-side remote application module 150 may be directed in part or in whole by one or more of the client-side administrator specifications 168 and the remote administrator functions 169. The feedback and control functions performed by the client-side remote application module 150 may comprise one or more of showing the progress of a client to remote application transfer action 194, showing the progress of a remote application to client transfer action 197, allowing the client 110 to cancel the process, showing an estimated transfer time of a client to remote application transfer action 194, showing an estimated transfer time of a remote application to client transfer action 197, and de-duplication measures to prevent duplicate transmissions.
  • After analyzing the remote data received in one or more of the remote clipboard transfer action 195A and the remote drag and drop transfer action 195B, the remote application processing block 187 optionally consults one or more of the remote administrator specifications 191 and the remote administrator instructions 192 to obtain input on how to process the received remote data.
  • At the client 110, the client-side remote application module 150 analyzes the remote-side data received in the remote application-to-client transfer action 197. The client-side remote application module 150 also analyzes the client-side data from the client-side clipboard 115 in the client-side clipboard transfer action 193A. Alternatively, or additionally, the client-side remote application module 150 analyzes the type(s) of data in the client-side drag and drop transfer action 193B. For example, the client-side remote application module 150 determines whether the client-side data comprises one or more of client-side text content, client-side image content, client-side video content, client-side word processing content, client-side presentation content, client-side spreadsheet content, client-side zip content, client-side text HTML content, client-side PDF content, and other client-side content of interest. For example, client-side image content comprises one or more of client-side JPEG content, client-side GIF content, client-side PNG content, and other client-side image content.
  • After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193A and the client-side drag and drop transfer action 193B, the client-side remote application module 150 processes the client-side data.
  • Optionally, the client-side remote application module 150 accesses one or more of client-side administrator specifications 168 and client-side administrator functions 169, which the client-side remote application module 150 applies to determine the most appropriate methods for processing the client-side data.
  • As noted above, one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 may comprise one or more tables configured to provide instructions as to processing the client-side data. The processing of the client-side data by the client-side remote application module 150 may comprise scrubbing the client-side data of potentially malicious content, for example, malware. The processing of the client-side data by the client-side remote application module 150 may comprise blocking the client-side data based on one or more of client-side administrator specifications 168 and client-side administrator functions 169. As noted above, for example, client-side administrator specifications 168 may specify that all JPEG content is to be blocked. The processing of the client-side data may comprise applying security mechanisms configured to scrub the client-side content of potentially malicious content, for example, malware.
  • Following the processing, the client-side remote application module 150 re-encodes the client-side data, which is now free of potentially malicious data and is also compliant with one or more of client-side administrator specifications 168 and client-side administrator functions 169. The client-side remote application module 150 then transmits the processed, re-encoded data to the client 110 via the remote application-to-client transfer action 197.
  • After analyzing the client-side data received in one or more of the client-side clipboard transfer action 193A and the client-side drag and drop transfer action 193B, the client-side remote application module 150 optionally consults one or more of the client-side administrator specifications 168 and the client-side administrator functions 169 to obtain input on how to process the client-side content type(s).
  • FIG. 2 is a flowchart of a method 200 for dynamic clip analysis in a networked server-client system. The order of the steps in the method 200 is not constrained to that shown in FIG. 2 nor is it constrained to that described in the following discussion. Several of the steps could occur in a different order without affecting the final result.
  • In block 210, the remote application receives from the client client-side content analysis performed at the client of one or more of a client-side clipboard and a client-side drag and drop utility. Block 210 then transfers control to block 220.
  • In block 220, the remote application applies the received client-side content analysis. Block 220 then transfers control to block 230.
  • In block 230, the remote application receives remote content from one or more of a remote clipboard and a remote drag and drop utility. Block 230 then transfers control to block 240.
  • In block 240, the remote application analyzes the remote content. Block 240 then transfers control to block 250.
  • In block 250, the remote application processes the remote content. Block 250 then transfers control to block 260.
  • In block 260, the remote application re-encodes the remote content. Block 260 then terminates the process.
  • While the above representative embodiments have been described with certain components in exemplary configurations, it will be understood by one of ordinary skill in the art that other representative embodiments can be implemented using different configurations and/or different components. For example, it will be understood by one of ordinary skill in the art that the order of certain fabrication steps and certain components can be altered without substantially impairing the functioning of the invention.
  • The representative embodiments and disclosed subject matter, which have been described in detail herein, have been presented by way of example and illustration and not by way of limitation. It will be understood by those skilled in the art that various changes may be made in the form and details of the described embodiments resulting in equivalent embodiments that remain within the scope of the invention. It is intended, therefore, that the subject matter in the above description shall be interpreted as illustrative and shall not be interpreted in a limiting sense.
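Blocks 230 to 260 of method 200, combined with the administrator specification table described above (including its "block all JPEG content" case), as an added Python example that is not code from the patent. The `ADMIN_SPEC` table, the action names, the fail-closed default, magic-byte type detection and text-only HTML scrubbing are all assumptions made for illustration.

```python
import unicodedata
from html.parser import HTMLParser

# Hypothetical administrator specification table: content type -> action.
ADMIN_SPEC = {
    "image/jpeg": "block",    # the page's example: all JPEG content is blocked
    "text/html": "scrub",
    "text/plain": "reencode",
}
DEFAULT_ACTION = "block"      # assumption: types missing from the table fail closed


def analyze(data: bytes) -> str:
    """Block 240: derive the content type from the bytes, not from a sender label."""
    if data.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError:
        return "application/octet-stream"
    return "text/html" if "<" in text and ">" in text else "text/plain"


class _TextOnly(HTMLParser):
    """Keeps visible text; drops all markup and the bodies of script/style."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self._skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.parts.append(data)


def reencode_text(text: str) -> bytes:
    """Block 260: rebuild as NFC UTF-8, dropping control and format characters."""
    text = unicodedata.normalize("NFC", text)
    kept = (c for c in text
            if c in "\n\t" or unicodedata.category(c) not in ("Cc", "Cf"))
    return "".join(kept).encode("utf-8")


def process_clip(data: bytes, spec=ADMIN_SPEC):
    """Blocks 230-260 for one clip: returns (content_type, action, output or None)."""
    ctype = analyze(data)
    action = spec.get(ctype, DEFAULT_ACTION)
    # Only text types can be scrubbed or re-encoded here; everything else is blocked.
    if action == "block" or not ctype.startswith("text/"):
        return ctype, "block", None
    text = data.decode("utf-8")
    if action == "scrub":
        parser = _TextOnly()
        parser.feed(text)
        parser.close()
        text = "".join(parser.parts)
    return ctype, action, reencode_text(text)
```

Because `analyze` reads the payload itself, a JPEG pasted under a text label is still blocked, and a table entry that asks for scrubbing of a binary type falls back to blocking.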

Claims (20)

What is claimed is:
1. A dynamic clip analysis system for use in a networked server-client system, comprising:
a client comprising a client-side remote application module configured to analyze client-side content from one or more of a client-side clipboard and a client-side drag and drop utility; and
a remote application interactively connected with the client over a network, the remote application comprising:
one or more of a remote clipboard and a remote drag and drop utility; and
a remote application processing block configured to receive and apply the client-side content analysis, to analyze remote content from one or more of the remote clipboard and the remote drag and drop utility, and to perform one or more of processing the remote content and re-encoding the remote content.
2. The system of claim 1, wherein the client-side remote application module is configured to transmit un-cleansed client data via the network to the remote application processing block.
3. The system of claim 2, wherein the remote application processing block is configured to receive the un-cleansed client data, to process the client data, and to re-encode the un-cleansed client data as cleansed client data.
4. The system of claim 3, wherein the remote application processing block is further configured to transmit the cleansed client data via the network to the client-side remote application module.
5. The system of claim 1, wherein the remote application further comprises remote storage.
6. The system of claim 5, wherein the remote storage comprises one or more of remote administrator specifications and remote administrator instructions to provide the remote application processing block with input on how to process the received remote content.
7. The system of claim 1, wherein the client further comprises client-side storage.
8. The system of claim 7, wherein the client-side storage comprises one or more of client-side administrator specifications and client-side administrator functions to provide the client-side remote application module with input on how to process the received client-side content.
9. The system of claim 1, wherein the remote application processing block is further configured to perform a remote clipboard transfer action from the remote clipboard to the remote application processing block, wherein the remote clipboard transfer action corresponds to a client-side clipboard transfer action from the client-side clipboard to the client-side remote application module.
10. The system of claim 1, wherein the remote application processing block is further configured to perform a remote drag and drop transfer action from the remote drag and drop utility to the remote application processing block, wherein the remote drag and drop transfer action corresponds to a client-side drag and drop transfer action from the client-side drag and drop utility to the client-side remote application module.
11. The system of claim 1, wherein processing the content comprises scrubbing the content.
12. A dynamic clip analysis method for use in a networked server-client system, comprising the steps of:
receiving from a client, by a remote application, client-side content analysis performed at the client of one or more of a client-side clipboard and a client-side drag and drop utility;
applying, by the remote application, the received client-side content analysis;
receiving, by the remote application, remote content from one or more of a remote clipboard and a remote drag and drop utility;
analyzing, by the remote application, the received remote content;
processing, by the remote application, the received remote content; and
re-encoding, by the remote application, the received remote content.
13. The method of claim 12, further comprising the step of: receiving from the client, by the remote application, un-cleansed client data transmitted by the client.
14. The system of claim 13, further comprising the steps of:
receiving, by the remote application, the un-cleansed client data;
processing, by the remote application, the un-cleansed client data; and
re-encoding, by the remote application, the un-cleansed client data as cleansed client data.
15. The system of claim 14, further comprising the step of:
transmitting, by the remote application, the cleansed client data via the network to the client.
16. The system of claim 1, wherein the remote application processing block is further configured to perform a remote clipboard transfer action from the remote clipboard to the remote application processing block, wherein the remote clipboard transfer action corresponds to a client-side clipboard transfer action from the client-side clipboard to the client-side remote application module.
17. The system of claim 1, wherein the remote application processing block is further configured to perform a remote drag and drop transfer action from the remote drag and drop utility to the remote application processing block, wherein the remote drag and drop transfer action corresponds to a client-side drag and drop transfer action from the client-side drag and drop utility to the client-side remote application module.
18. The method of claim 12, wherein the step of processing comprises scrubbing the content.
19. The method of claim 12, wherein the step of processing comprises consulting one or more of remote administrator specifications and remote administrator instructions to obtain input on how to process the received remote content.
20. A dynamic clip analysis system for use in a networked server-client system, comprising:
a client comprising a client-side remote application module configured to analyze client-side content from one or more of a client-side clipboard and a client-side drag and drop utility; and
a remote application interactively connected with the client over a network via the client-side remote application module, the remote application comprising:
one or more of a remote clipboard and a remote drag and drop utility;
remote storage comprising one or more of remote administrator specifications and remote administrator instructions to provide the remote application processing block with input on how to process the received remote content; and
a remote application processing block configured to receive and apply client-side content analysis from the client, the remote application processing block further configured to analyze remote content from one or more of the remote clipboard and the remote drag and drop utility, the remote application processing block further configured to perform one or more of processing the remote content and re-encoding the remote content, the remote application block further configured to receive un-cleansed client data via the network from the client, to process the un-cleansed client data, to re-encode the un-cleansed client data as cleansed client data, and to transmit the cleansed client data via the network to the client-side remote application module.
US15/650,710 2013-03-11 2017-07-14 Dynamic clip analysis Abandoned US20180129393A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/650,710 US20180129393A1 (en) 2013-03-11 2017-07-14 Dynamic clip analysis

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201361775854P 2013-03-11 2013-03-11
US201361777545P 2013-03-12 2013-03-12
US14/205,023 US9740390B2 (en) 2013-03-11 2014-03-11 Dynamic clip analysis
US15/650,710 US20180129393A1 (en) 2013-03-11 2017-07-14 Dynamic clip analysis

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US14/205,023 Continuation US9740390B2 (en) 2013-03-11 2014-03-11 Dynamic clip analysis

Publications (1)

Publication Number Publication Date
US20180129393A1 true US20180129393A1 (en) 2018-05-10

Family

ID=51489249

Family Applications (2)

Application Number Title Priority Date Filing Date
US14/205,023 Expired - Fee Related US9740390B2 (en) 2013-03-11 2014-03-11 Dynamic clip analysis
US15/650,710 Abandoned US20180129393A1 (en) 2013-03-11 2017-07-14 Dynamic clip analysis

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US14/205,023 Expired - Fee Related US9740390B2 (en) 2013-03-11 2014-03-11 Dynamic clip analysis

Country Status (1)

Country Link
US (2) US9740390B2 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9591015B1 (en) 2014-03-28 2017-03-07 Fireeye, Inc. System and method for offloading packet processing and static analysis operations
US10805340B1 (en) 2014-06-26 2020-10-13 Fireeye, Inc. Infection vector and malware tracking with an interactive user display
US9690933B1 (en) 2014-12-22 2017-06-27 Fireeye, Inc. Framework for classifying an object as malicious with machine learning for deploying updated predictive models
US9838417B1 (en) 2014-12-30 2017-12-05 Fireeye, Inc. Intelligent context aware user interaction for malware detection
US10313391B1 (en) * 2015-10-30 2019-06-04 Cyberinc Corporation Digital distillation
US10320809B1 (en) * 2015-10-30 2019-06-11 Cyberinc Corporation Decoupling rendering engine from web browser for security
US10404797B2 (en) * 2017-03-03 2019-09-03 Wyse Technology L.L.C. Supporting multiple clipboard items in a virtual desktop infrastructure environment
CN111813566B (en) * 2019-04-30 2023-01-31 厦门雅基软件有限公司 Cross-process dragging method, device, equipment and computer readable storage medium

Family Cites Families (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7392541B2 (en) * 2001-05-17 2008-06-24 Vir2Us, Inc. Computer system architecture and method providing operating-system independent virus-, hacker-, and cyber-terror-immune processing environments
US7694328B2 (en) * 2003-10-21 2010-04-06 Google Inc. Systems and methods for secure client applications
US20050138431A1 (en) * 2003-12-23 2005-06-23 Harrison Jay P. Network protection software and method
US8136149B2 (en) 2004-06-07 2012-03-13 Check Point Software Technologies, Inc. Security system with methodology providing verified secured individual end points
US7587594B1 (en) * 2004-08-30 2009-09-08 Microsoft Corporation Dynamic out-of-process software components isolation for trustworthiness execution
AU2005321876B2 (en) 2004-12-31 2011-07-07 Ntrepid, Llc System for protecting identity in a network environment
US8151323B2 (en) * 2006-04-12 2012-04-03 Citrix Systems, Inc. Systems and methods for providing levels of access and action control via an SSL VPN appliance
US20080016339A1 (en) 2006-06-29 2008-01-17 Jayant Shukla Application Sandbox to Detect, Remove, and Prevent Malware
JP5242405B2 (en) 2006-10-04 2013-07-24 古河電気工業株式会社 Optical fiber and optical fiber transmission line
US7797746B2 (en) * 2006-12-12 2010-09-14 Fortinet, Inc. Detection of undesired computer files in archives
US8756683B2 (en) * 2006-12-13 2014-06-17 Microsoft Corporation Distributed malicious software protection in file sharing environments
US8655939B2 (en) * 2007-01-05 2014-02-18 Digital Doors, Inc. Electromagnetic pulse (EMP) hardened information infrastructure with extractor, cloud dispersal, secure storage, content analysis and classification and method therefor
US8468244B2 (en) * 2007-01-05 2013-06-18 Digital Doors, Inc. Digital information infrastructure and method for security designated data and with granular data stores
US20080320594A1 (en) * 2007-03-19 2008-12-25 Xuxian Jiang Malware Detector
US8065391B2 (en) 2007-04-19 2011-11-22 Hugh Olliphant System and method for selecting and displaying webpages
US20080301562A1 (en) 2007-04-27 2008-12-04 Josef Berger Systems and Methods for Accelerating Access to Web Resources by Linking Browsers
US20100178953A1 (en) * 2007-06-15 2010-07-15 Nokia Corporation Collaborative Data Sharing
US8839431B2 (en) * 2008-05-12 2014-09-16 Enpulz, L.L.C. Network browser based virus detection
US9237166B2 (en) * 2008-05-13 2016-01-12 Rpx Corporation Internet search engine preventing virus exchange
US8245296B2 (en) * 2008-05-23 2012-08-14 Verizon Patent And Licensing Inc. Malware detection device
US8997205B1 (en) 2008-06-27 2015-03-31 Symantec Corporation Method and apparatus for providing secure web transactions using a secure DNS server
US8745361B2 (en) * 2008-12-02 2014-06-03 Microsoft Corporation Sandboxed execution of plug-ins
US20100153968A1 (en) * 2008-12-11 2010-06-17 Christof Engel External rendering of clipboard data
EP2443574A4 (en) 2009-06-19 2014-05-07 Blekko Inc Scalable cluster database
US8832829B2 (en) * 2009-09-30 2014-09-09 Fireeye, Inc. Network-based binary file extraction and analysis for malware detection
KR101070614B1 (en) * 2009-12-18 2011-10-10 한국인터넷진흥원 Malicious traffic isolation system using botnet infomation and malicious traffic isolation method using botnet infomation
US8589947B2 (en) 2010-05-11 2013-11-19 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for application fault containment
US9100425B2 (en) * 2010-12-01 2015-08-04 Cisco Technology, Inc. Method and apparatus for detecting malicious software using generic signatures
WO2013079113A1 (en) 2011-12-01 2013-06-06 Fundacio Privada Barcelona Digital Centre Tecnologic Secure cloud browsing client-server system and method of secure remote browsing using the same
US8935581B2 (en) * 2012-04-19 2015-01-13 Netflix, Inc. Upstream fault detection
US9325775B2 (en) * 2012-09-11 2016-04-26 Google Inc. Clipboard
US20140259171A1 (en) * 2013-03-11 2014-09-11 Spikes, Inc. Tunable intrusion prevention with forensic analysis
US20140283071A1 (en) * 2013-03-12 2014-09-18 Spikes, Inc. Application malware isolation via hardware separation

Also Published As

Publication number Publication date
US20140258384A1 (en) 2014-09-11
US9740390B2 (en) 2017-08-22

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: SPIKES, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SPIKES, BRANDEN L.;SIMS, WALTER;REEL/FRAME:050755/0182

Effective date: 20140310

Owner name: CYBERINC CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SPIKES, INC.;REEL/FRAME:050755/0199

Effective date: 20190604