USRE43529E1 - System and method for protecting a computer system from malicious software - Google Patents
System and method for protecting a computer system from malicious software Download PDFInfo
- Publication number
- USRE43529E1 USRE43529E1 US12/941,067 US94106710A USRE43529E US RE43529 E1 USRE43529 E1 US RE43529E1 US 94106710 A US94106710 A US 94106710A US RE43529 E USRE43529 E US RE43529E
- Authority
- US
- United States
- Prior art keywords
- web browser
- protected
- data
- memory space
- browser process
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
- 238000000034 method Methods 0.000 title claims description 326
- 230000015654 memory Effects 0.000 claims abstract description 124
- 230000000977 initiatory effect Effects 0.000 claims abstract description 13
- 230000008569 process Effects 0.000 claims description 249
- 230000002452 interceptive effect Effects 0.000 claims description 20
- 208000015181 infectious disease Diseases 0.000 claims description 18
- 230000001413 cellular effect Effects 0.000 claims description 4
- 235000014510 cooky Nutrition 0.000 claims description 4
- 238000013479 data entry Methods 0.000 claims description 4
- 230000009977 dual effect Effects 0.000 claims description 3
- 238000005192 partition Methods 0.000 claims description 3
- 230000000903 blocking effect Effects 0.000 claims 1
- 230000006870 function Effects 0.000 description 17
- 238000013500 data storage Methods 0.000 description 11
- 230000005055 memory storage Effects 0.000 description 11
- 238000004891 communication Methods 0.000 description 10
- 230000008901 benefit Effects 0.000 description 9
- 238000012545 processing Methods 0.000 description 9
- 241000700605 Viruses Species 0.000 description 7
- 238000012546 transfer Methods 0.000 description 6
- 238000001514 detection method Methods 0.000 description 5
- 238000004140 cleaning Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 241000607479 Yersinia pestis Species 0.000 description 3
- 238000004590 computer program Methods 0.000 description 3
- 230000006378 damage Effects 0.000 description 3
- 238000012217 deletion Methods 0.000 description 3
- 230000037430 deletion Effects 0.000 description 3
- 238000013507 mapping Methods 0.000 description 3
- 241001417527 Pempheridae Species 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 230000008030 elimination Effects 0.000 description 2
- 238000003379 elimination reaction Methods 0.000 description 2
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 2
- 230000008595 infiltration Effects 0.000 description 2
- 238000001764 infiltration Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 241000505472 Chivirus Species 0.000 description 1
- 244000035744 Hura crepitans Species 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 230000001846 repelling effect Effects 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 230000001629 suppression Effects 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Definitions
- the present invention relates generally to computer hardware and software, and more particularly to a system and method for protecting a computer system from malicious software.
- Goldstein 5,666,030 Multiple window generation in Parson computer display.
- 5,995,103 Window grouping mechanism for Ashe creating, manipulating and displaying windows and window groups on a display screen of a computer system.
- 5,502,808 Video graphics display system with Goddard, et al. adapter for display management based upon plural memory sources.
- 5,280,579 Memory mapped interface between host Nye computer and graphics system.
- 5,918,039 Method and apparatus for display Buswell, et al of windowing application programs on a terminal. 6,480,198 Multi-function controller and method Kang for a computer graphics display system. 6,167,522 Method and apparatus for providing Lee, et al.
- 6,578,140 Personal computer having a master Policard computer system and in internet computer system and monitoring a condition of said master and internet computer systems
- PUB E-mail software and method and system Jacobs Paul Application # for distributing advertisements to client E., et al. 20040054588 devices that have such e-mail software installed thereon.
- Malware is comprised of, but not limited to, classes of software files known as viruses, worms, Trojan horses, browser hijackers, adware, spyware, pop-up windows, data miners, etc.
- Such malware attacks are capable of stealing data by sending user keystrokes or information stored on a user's computer back to a host, changing data or destroying data on personal computers and/or servers and/or other computerized devices, especially through the Internet.
- these items represent a nuisance that interferes with the smooth operation of the computer system, and in the extreme, can lead to the unauthorized disclosure of confidential information stored on the computer system, significant degradation of computer system performance, or the complete collapse of computer system function.
- malware programs are designed to protect themselves from deletion.
- some malware programs comprise a pair of programs running simultaneously, with each program monitoring the other for deletion. If one of the pair of programs is deleted, the other program installs a replacement within milliseconds.
- some malware will run as a Windows program with a .dlls extension, which Windows may not allow a user to delete while it is executing.
- Malware may also reset a user's browser home page, change browser settings, or hijack search requests and direct such requests to another page or search engine. Further, the malware is often designed to defeat the user's attempts to reset the browser settings to their original values.
- some malware programs secretly record user input commands (such as keystrokes), then send the information back to a host computer. This type of malware is capable of stealing important user information, such as passwords, credit account numbers, etc.
- O/S operating system
- CPU central processing unit
- Multi-tasking O/S's allow programs to execute simultaneously by allowing programs to share resources with other programs. For example, an operating system running multiple programs executing at the same time allows the programs to share the computer's CPU time. Programs which run on the same system, even if not simultaneously with other programs, share space on the same nonvolatile memory storage medium.
- Programs which are executing simultaneously are presently able to place binaries and data in the same physical memory at the same time, limited to a certain degree by the O/S restrictions and policy, to the extent that these are properly implemented.
- Memory segments are shared by programs being serviced by the O/S, in the same manner.
- O/S resources such as threads, process tables and memory segments, are shared by programs executing simultaneously as well.
- Security problems include allowing the malware program: to capitalize CPU time, leaving other programs with little or no CPU time; to read, forge, write, delete or otherwise corrupt files created by other programs; to read, forge, write, delete or otherwise corrupt executable files of other programs, including the O/S itself; and to read and write memory locations used by other programs to thus corrupt execution of those programs.
- the computer may run an O/S, with several user applications, together comprising a known and trusted set of programs, concurrently with an Internet browser, possibly requiring the execution of downloaded code, such as Java applets, or EXE/COM executables, with the latter programs possibly containing malware.
- O/S Open/S Security
- Many security features and products are being built by software manufacturers and by O/S programmers to prevent malware infiltrations from taking place, and to ensure the correct level of isolation between programs.
- malware programs for virtually every software security mechanism, a malware practitioner has found a way to subvert, or hack around, the security system, allowing a malware program to cause harm to other programs in the shared environment. This includes every operating system and even the Java language, which was designed to create a standard interface, or sandbox, for Internet downloadable programs or applets.
- a typical multi-tasking O/S environment includes an O/S kernel loaded in the computer random access memory (RAM) at start-up of the computer.
- the O/S kernel is a minimal set of instructions which loads and off-loads resources and resource vectors into RAM as called upon by individual programs executing on the computer.
- Other resources, such as disk read and write, are left in RAM while the operating system is running because such resources are more often used than others.
- the most common state-of the-art solutions for preventing malware infiltration are software based, such as blockers, sweepers and firewalls, for example, and hardware based solutions such as router/firewalls.
- software designed to counter malware are Norton Systems Works, distributed by the Symantec Corporation, Ad-aware, distributed by the Lavasoft Corporation of Sweeden, Spy Sweeper, distributed by the Webroot Software Corporation, Spyware Guard, distributed by Javacool Software LLC, among others.
- Such anti-malware programs are limited because they can only detect known malware that has already been identified (usually after the malware has already attacked one or more computers).
- Network firewalls are typically based on packet filtering, which is limited in principle, since the rules determining which packets to accept and which to reject may contain subjective decisions based on trusting known sites or known applications.
- a malicious application may take over the computer or server or possibly the entire network and create unlimited damages (directly or indirectly by opening the door to additional malicious applications).
- the methods in the prior art are typically comprised of embedded software countermeasures that detect and filter unwanted intrusions in real time, or scan the computer system either at the direction of a user or as a scheduled event.
- Two problems arise from these methods.
- a comprehensive scan, detect, and elimination of malware from desired incoming data streams could significantly slow or preclude the interactive nature of many applications such a gaming, messaging, and browsing.
- newly implemented software screens may be quickly circumvented by malware practitioners who are determined to pass their files through the screen.
- Newly discovered malware leads to the development of additional screens, which lead to more malware, etc., thus creating an escalating cycle of measure, countermeasure.
- the basic flaw is that all incoming executable data files must be resident on the computers main processor to perform their desired function. Once resident on that processor, access may be gained to non-volatile memory and other basic computer system elements. Malware exploits this key architectural flaw to infiltrate and compromise computer systems.
- malware signatures are held in a database which must be constantly updated to reflect the most recently identified malware.
- users regularly download replacement databases, either over the Internet, from a received e-mail, or from a CDROM or floppy disc. Users are also expected to update their software engines every so often in order to take advantage of new virus detection techniques (e.g. which may be required when a new strain of malware is detected).
- a major problem faced by computer users connected to a network is that the network interface program (a browser, for example) is resident on the same processor as the O/S and other trusted programs, and shares space on a common memory storage medium.
- the network interface program a browser, for example
- malware practitioners have demonstrated great skill in circumventing software security measures to create malware capable of corrupting critical files on the shared memory storage medium. When this happens, users are often faced with a lengthy process of restoring their computer systems to the correct configuration, and often important files are simply lost because no backup exists.
- the network interface program may be advantageously given access to a separate, protected memory area, while being unable to initiate access to the main computer's memory storage area.
- malware programs are rendered unable to automatically corrupt critical system and user files located on the main memory storage area. If a malware infection occurs, a user would be able to completely clean the malware infection from the computer using a variety of methods. A user could simply delete all files contained in the protected memory area, and restore them from an image residing on the main memory area, for example.
- malware its effects on computer systems, techniques used by malware practitioners to install malware, and techniques for detection and removal, may be found in the published literature, and in some of the patents and applications previously incorporated by reference.
- Reference to malware may be found in a technical white paper entitled “Spyware, Adware, and Peer-to-Peer Networks: The Hidden Threat to Corporate Security.”, by Kevin Townsend, ⁇ Pest Patrol Inc. 2003. Pest Patrol is a Carlisle; Pa. based developer of software security tools.
- Another reference is a technical white paper entitled “Beyond Viruses: Why antivirus software is no longer enough.” by David Stang, PhD, ⁇ Pest Patrol Inc. 2002.
- Embodiments of the present invention achieve technical advantages as a system and method for protecting a computer system from malicious software attacks via a network connection.
- a computer system comprising a first electronic data processor is communicatively coupled to a first memory space and to a second memory space, a second electronic data processor is communicatively coupled to the second memory space and to a network interface device, wherein the second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device, a video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format, wherein the computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.
- Advertisement(s) This term is intended to broadly encompass any secondary content that is delivered or distributed to client devices in addition to the primary content, e.g., e-mail messages, which the software product instantiated by the client device is designed to receive, transmit, process, display, and/or utilize.
- this term is intended to cover, without limitation, paid advertisements, community service messages, public service announcements, system information messages or announcements, cross-promo spots, artwork, and any other graphical, multimedia, audio, video, text, or other secondary digital content.
- Client Device This term is intended to broadly encompass any device that has digital data processing and output, e.g., display, capabilities, including, but not limited to, desktop computers, laptop computers, hand-held computers, notebook computers, Personal Digital Assistants (PDAs), palm-top computing devices, intelligent devices, information appliances, video game consoles, information kiosks, wired and wireless Personal Communications Systems (PCS) devices, smart phones, intelligent cellular telephones with built-in web browsers, intelligent remote controllers for cable, satellite, and/or terrestrial broadcast television, and any other device that has the requisite capabilities.
- PDAs Personal Digital Assistants
- PCS Personal Communications Systems
- a client device i.e., an information client device, including, without limitation, text, documents, files, graphical objects, data objects, multimedia content, audio/sound files, video files, MPEG files, JPEG files, GIF files, PNG files, HTML documents, applications, formatted documents (e.g., word processor and/or spreadsheet documents or files), MP3 files, animations, photographs, and any other document, file, digital, or multimedia content that can be transmitted over a communications network such as the Internet.
- a client device i.e., an information client device, including, without limitation, text, documents, files, graphical objects, data objects, multimedia content, audio/sound files, video files, MPEG files, JPEG files, GIF files, PNG files, HTML documents, applications, formatted documents (e.g., word processor and/or spreadsheet documents or files), MP3 files, animations, photographs, and any other document, file, digital, or multimedia content that can be transmitted over a communications network such as the Internet.
- formatted documents e.g., word
- E-Mail Messages This term is intended to broadly encompass the e-mail message and any attachments thereto, including, without limitation, text, documents, files, graphical objects, data objects, multimedia content, audio/sound files, video files, MPEG files, JPEG files, GIF files, PNG files, HTML documents, applications, formatted documents (e.g., word processor and/or spreadsheet documents or files), MP3 files, animations, photographs, and any other document, file, digital, or multimedia content that can be transmitted over a communications network such as the Internet.
- a communications network such as the Internet.
- Memory This term is intended to broadly encompass any device capable of storing and/or incorporating computer readable code for instantiating the client device referred to immediately above. Thus, the term encompasses all types of recording medium, e.g., a CD-ROM, a disk drive (hard or soft), magnetic tape, and recording devices, e.g., memory devices including DRAM, SRAM, EEPROM, FRAM, and Flash memory. It should be noted that the term is intended to include any type of device which could be deemed persistent storage. To the extent that an Application Specific Integrated Circuit (ASIC) can be considered to incorporate instructions for instantiating a client device, an ASIC is also considered to be within the scope of the term “memory.”
- ASIC Application Specific Integrated Circuit
- FIG. 1 illustrates a preferred embodiment of an exemplary computer system according to the principles of the present invention
- FIG. 2 illustrates a preferred embodiment of an exemplary protected process flow according to the principles of the present invention
- FIG. 3 illustrates a preferred embodiment of an exemplary file download process according to the principles of the present invention
- FIG. 4 illustrates a preferred embodiment of an exemplary memory restoration process according to the principles of the present invention
- FIG. 5 illustrates a preferred embodiment of an exemplary automatic memory restoration and cleaning process according to the principles of the present invention
- FIG. 6 illustrates a preferred embodiment of an exemplary interactive network process flow according to the principles of the present invention
- FIG. 7 illustrates a preferred embodiment of an exemplary computer system according to the principles of the present invention.
- FIG. 8 illustrates a preferred embodiment of an exemplary computer system according to the principles of the present invention
- FIG. 9 illustrates a preferred embodiment of an exemplary computer system according to the principles of the present invention.
- FIG. 10 illustrates a preferred embodiment of an exemplary protected process flow according to the principles of the present invention.
- Computer system 100 may represent, for example, a personal computer (PC) system, a server, a portable computer, such as a notebook computer, or any data processing system, a personal digital assistant (PDA), a communication device such as a cell phone, or device that is capable of being connected to a network of one or more computers.
- System 100 comprises a first processor 120 (P 1 ) communicatively coupled to a first memory and data storage area 110 (M 1 ).
- P 1 100 may comprise, for example, a microprocessor, such as a Pentium® 4 processor, manufactured by the Intel Corporation, or a Power PC® processor, manufactured by the IBM Corporation.
- Other electronic data processors manufactured by other companies including but not limited to electronic data processors realized in Application Specific Integrated Circuits (ASICs) or in Field Programmable Gate Arrays (FPGAs), are within the spirit and scope of the present invention.
- ASICs Application Specific Integrated Circuits
- FPGAs Field Programmable Gate Arrays
- the first memory and data storage area 110 may comprise both volatile and nonvolatile memory devices, such as DRAMs and hard drives, respectively. Any memory structure and/or device capable of being communicatively coupled to P 1 may be advantageously used in the present invention.
- M 1 may be used to store, for example, critical operating system files, user data and applications, interim results of calculations, etc.
- the many uses of computer memory are well understood by those skilled in the art, and will not be discussed further here. One may refer to several of the aforementioned patents and applications incorporated by reference, in addition to other references, for a discussion of existing computer architectures and uses of computer memory.
- user interface 150 which may comprise, for example, a keyboard, mouse or other pointing device, microphone, pen pad, etc.
- a video processor 170 is used to format information for display and transmit the display information to a video display device 180 , which is viewed by user 160 .
- Video processor 170 typically includes an associated video memory area, which may be dedicated to the video processor, or shared with other resources. It is understood in the art that the video processor 170 may be part of processor P 1 120 , in that it may be integrated onto the microprocessor chip.
- Video processor 170 may also comprise a processor IC located on a video graphics card, which is communicatively coupled to a computer motherboard. Additionally, video processor 170 may comprise circuitry located on the computer motherboard. Further still, functions of video processor 170 may be split between the processor, motherboard, or separate video graphics card.
- Network interface device 190 may comprise, for example, a telephone modem, a cable modem, a DSL line, a router, gateway, hub, etc. Any device capable of interfacing with the network 195 may be used, via a wired connection, a wireless connection, or an optical connection, for example.
- Network interface device 190 may connect to network 195 through one or more additional network interface devices (not shown).
- network interface device 190 may comprise a gateway or router, connected to a cable modem, with the cable modem connected to network 195 .
- other configurations are within the spirit and scope of the present teachings.
- network 195 is isolated from the first processor 120 and memory 110 by a second processor 140 (P 2 ).
- Second processor 140 may comprise any electronic data processor, such as the devices previously described as applicable to first processor 120 .
- Communicatively coupled to P 2 140 is second memory and data storage area 130 (M 2 ), which may comprise any memory device or devices, such as the devices previously described as applicable to first memory 110 .
- the architecture of computer system 100 is designed to be capable of protecting memory 110 from malware initiated intrusions, and preventing malware from initiating unwanted processes on first processor 120 . This is accomplished by using second processor 140 to isolate 110 and 120 from network 195 .
- P 2 140 is communicatively coupled to memory storage area M 2 130 , and may be configured such that P 2 140 is incapable of initiating access to memory storage area M 1 110 .
- P 2 140 may be capable of accessing memory storage area M 1 110 with the strict permission of user 160 , either through a real time interaction or via stored configuration or commands.
- Such a configuration may be desirable in a multi-core or multi processor system, where user 160 may wish to use P 2 140 in either a protected mode or an unprotected mode, depending on the application.
- P 1 120 is communicatively coupled to both memory areas M 1 110 and M 2 130 , thereby enabling P 1 120 to access data downloaded from the network 195 .
- any malware that has intruded the 130 - 140 system is thus confined to the 130 - 140 system, and may be configured to be incapable of automatically corrupting data contained on M 1 110 , or of automatically initiating an unwanted process on P 1 120 .
- Computer user 160 wishes to connect to network 195 via for example, a browser program such as Internet Explorer or Netscape Navigator. Of course, other methods of connecting to network 195 may be used.
- User 160 inputs commands to open a protected process (e.g. a browser program in this example) at step 210 .
- 1 st processor 120 instructs 2 nd processor 140 to initiate the protected process and open one or more process windows.
- Second processor 140 in conjunction with memory 130 , then interacts with the network 195 via network interface device 190 , receiving and transmitting the data necessary to execute the desired protected process, such as browsing the internet or communication via e-mail.
- Second processor 140 and memory 130 act as a separate computer system, interacting with network 195 while isolating network 195 from the first processor 120 and memory 110 .
- Memory 130 may store critical application and system files required by second processor 140 to execute the desired tasks.
- Memory 130 also stores data necessary to carry out the desired protected process.
- first processor 120 receives user interface data from user 160 , and passes user interface data to second processor 140 when the protected process window is selected or active, illustrated at step 230 .
- User interface data such as keystrokes for example, may be advantageously encrypted by P 1 120 before passing the data to P 2 140 , with network interface device 190 possibly decrypting the data prior to transmitting the data to network 195 .
- Second processor 140 generates video data for the protected process window(s) and passes the video data to video processor 170 , for eventual display on video display 180 , shown at step 240 .
- Video processor 170 then interleaves the video data from all processes being executed by first processor 120 and second processor 140 , at step 250 . While there are many applicable methods for displaying video data from multiple sources, one such method was described in U.S. Pat. No. 5,751,979, entitled “Video hardware for protected, multiprocessing systems”, previously incorporated by reference.
- any malware is downloaded from network 195 , it is stored in memory 130 , and/or run as a process on second processor 140 .
- any downloaded malware is rendered incapable of self initiating access to memory 110 or first processor 120 , because second processor 140 is rendered incapable of initiating access to 110 and 120 without a direct or stored command from user 160 . Any malware infection is thus confined. If a malware attack corrupts files and/or disrupts the operation of the 130 - 140 system, the user may easily shut down the corrupted process and restore the corrupted files from a protected image stored on memory 110 , for example.
- the operating system controlling the 110 - 120 system may be different from an operating system controlling the protected 130 - 140 system. Conversely, a common operating system may control both the 110 - 120 system and the protected 130 - 140 system.
- a user 160 may find it desirable to transfer files from the protected 130 - 140 system to the 110 - 120 system. User 160 may find it necessary, for example, to transfer an attachment from an e-mail message stored on memory 130 to the 110 - 120 system for further processing, modification, etc.
- the computer system 100 may go through a process whereby a file or other data is transferred from the 130 - 140 system to the 110 - 120 system, exemplified by the process 300 illustrated in FIG. 3 .
- user 160 selects one or more data files to download from network 195 .
- the desired data is downloaded to the 130 - 140 system at step 320 .
- the user 160 then directs computer system 100 to move the desired file(s) from the 130 - 140 system to the 110 - 120 system at step 330 .
- P 1 120 may then perform a malware scan on the desired files, either in real time as the data is being transferred, or while the data still resides in M 2 130 (step 340 ). Alternatively, P 2 140 may perform the malware scan.
- processor P 2 140 (or P 1 120 ) determines if malware has been detected in the desired file(s), and thus P 1 120 makes a decision.
- the file(s) are moved or copied onto M 2 110 at step 360 . If malware is detected, the data file(s) are quarantined on M 2 130 , and the data file(s), if transferred to M 1 100 , are erased or quarantined. Once malware is detected, the user 160 may be alerted of the detection (step 370 ). Either as a result of user input or stored configuration commands, the infected file(s) are deleted, cleaned, or quarantined on M 2 130 , at step 380 .
- the user 160 would of course understand the dangers inherent in transferring downloaded files from the 130 - 140 system to the 110 - 120 system.
- the user's anti-malware software may not be up to date, or may simply be unable to detect certain types of malware.
- the malware itself may be so new that the user's anti-malware definitions have not been updated as yet. Therefore the user may wish to keep the files on the 130 - 140 system for some period of time. Consequently, it may be desirable to have resident on the 130 - 140 system a variety of application software such as readers, thereby allowing the user to examine the files without risking transferring the files to the 110 - 120 system.
- reader programs such as Adobe Acrobat Reader, by the Adobe Systems Corporation, or Visio reader, by the Microsoft Corporation, are typically subset application programs of the full featured application programs, and may thus require far less memory space than the full application. Additionally, software companies often distribute the reader programs for free (or a nominal fee), thereby providing advertising for the full featured application in the hopes that it will be eventually purchased by the user.
- This reader application may be opened and executed on the 130 - 140 system in a manner similar to the process described in FIG. 2 .
- a user 160 may also load a full application into the 130 - 140 system, enabling processing and modification of a downloaded file fully in the protected space, without risking a transfer of the file to the 110 - 120 system.
- the user 160 may wish to clean the 130 - 140 system. This cleaning may be accomplished by running an anti-malware application on the 130 - 140 system. However, if the infection is too severe for the anti-malware software to clean, or if the malware is undetectable by the user's anti-malware software, the user may wish to restore critical system files (or other user data files) for the 130 - 140 system from a protected image stored on M 1 100 , for example. It is of course understood that the critical system file image may be restored from another device, such as a removable drive or a CD, for example. The user may however consider it more convenient to restore the critical system files from an image on M 1 100 .
- an exemplary process for restoring M 2 130 from M 1 110 is illustrated by process 400 in FIG. 4 .
- malware is detected or suspected to be infecting the 130 - 140 system.
- the user instructs P 1 120 to reload critical system files onto M 2 130 from a protected image on M 1 110 , at step 420 .
- P 1 120 may scan all or part of the data contained on M 2 130 for malware, and may scan all processes currently running on P 2 140 .
- the scan may be initiated by direct instructions from the user, or by stored configuration commands, for example (step 430 ).
- P 1 120 may delete all or part of the data contained on M 2 .
- P 1 120 may also reset P 2 140 and/or delete the contents of any RAM communicatively coupled to P 2 140 (step 440 ).
- clean critical system files are loaded onto M 2 130 from any of the sources previously mentioned, preferably an image stored on M 1 110 (step 450 ).
- the 130 - 140 may now be rebooted and/or reinitialized from the clean critical system files.
- the user may elect to do a low level format on the M 1 110 memory in order to ensure that the malware infection has been cleaned.
- a user 160 may consider it advantageous for the 130 - 140 system to be automatically reinitialized from clean critical system files when a protected process window is opened. In this way, the new protected process is much less likely to be affected by an infection from a previous protected process session.
- a user may have a plurality of protected processes open and running during a protected process session. It may only be necessary to automatically reinitialize from clean critical system files when the first protected process is opened during a session. Subsequent protected processes may not require automatic re-initialization from clean critical system files.
- An exemplary automatic re-initialization from clean critical system files is illustrated by steps 510 , 520 and 530 in FIG. 5a .
- processes running on P 2 140 may be automatically scanned and compared with an allowed process list, particularly as a protected process is started up. If any process is detected which is not on the allowed list, the user may be alerted that a possible malware infection has occurred. A user may then choose to scan or clean the system, or inspect the unknown process to determine if the process will be allowed to continue to execute. A user may also update the list of allowed processes from time to time as new, legitimate processes are added, for example, by a browser software update.
- a user 160 may consider it advantageous for the 130 - 140 system to be automatically cleaned when a protected process window is closed. In this way, any detected or undetected malware infections are much less likely to affect a future protected process session. It may only be necessary to automatically clean the 130 - 140 system when the last protected process is closed during a session.
- An exemplary automatic cleaning process is illustrated by steps 540 , 550 , 560 , 570 and 580 in FIG. 5b .
- the memory M 2 130 and processor P 2 140 may be automatically scanned for malware infections as the protected process session closes. Infected files may be deleted or quarantined automatically.
- a user may wish to have automatically cleaned or deleted upon closing a protected process session.
- temporary internet files, cookies, browser plugins, etc. may be deleted or scanned for malware automatically.
- a user may also wish to have websites that contributed to a malware infection noted, and may wish to place the offending websites in a block list, such that the offending websites cannot be accessed in the future without the user specifically authorizing access.
- the malware scanner may automatically log the offending website(s), and block future access.
- the P 2 140 processor and any associated non-volatile memory may be reset and/or erased as the protected process session is closed. The exemplary automatic cleaning process illustrated in FIG. 5b may therefore reduce the risk of a malware infection being carried over to a future protected process session.
- Interactive network processes such as interactive gaming have become very popular in recent years.
- a user may log onto a game host located on network 195 , or connect to other computers whose users wish to participate in the game.
- Computer games such as Quake 3. Arena, by Id Software Incorporated, or Call of Duty, by Activision Incorporated, are just two examples of the plethora of games available that may be played interactively over a network.
- the user's computer system typically provides the bulk of the processing power and video graphics generation required to display the often fast moving and richly detailed three dimensional game environments. Information about the current and new state of the game is exchanged between various users' computer systems, often in real time.
- an exemplary process flow 600 allows an interactive network process, such as online gaming, to be carried out on computer system 100 .
- a user initiates an interactive network process via 2 nd processor P 2 140 (step 610 ).
- P 2 140 receives interactive network process status data from network connection (step 620 ).
- P 2 140 informs 1st processor P 1 120 that interactive network process status data is available (step 630 ).
- P 1 120 retrieves interactive network process status data from P 2 140 and uses the status data to update the interactive network process and update video display (step 640 ).
- P 1 120 passes the updated interactive network process status data to P 2 140 (step 650 ).
- P 2 140 then sends the updated interactive network process status data to the network via network connection 195 (step 660 ).
- the exemplary process 600 or a process functionally equivalent, is carried out continuously as long as the interactive process is running.
- computer system 100 is capable of actively deciding what data to download and use, and what data to discard or scan for malware.
- the game status data is buffered prior to loading it onto the 110 - 120 system.
- the 110 - 120 system may be advantageously configured to only accept game status information in the proper format, thereby minimizing the chance that a malware practitioner could deceptively load malware onto the 110 - 120 system.
- computer system 100 could be configured such that system 130 - 140 is powerful enough to process the interactive network process without exchanging information with the 110 - 120 system. Such a configuration may be more secure, as a conduit between the 110 - 120 system and the 130 - 140 system may not be necessarily opened.
- the 130 - 140 system may contain all the necessary files to facilitate the interactive network process.
- Higher end computers, workstations, and servers often contain dual (or more) processors, such as the Mac G5, manufactured by the Apple Computer Corporation, or a single physical processor with a multiple processor core. Often, the processors in these multi-processor machines are of equal or comparable processing power.
- one processor may be dedicated to performing functions equivalent to those described for P 1 120 , with a second processor performing the functions equivalent to those described for P 2 140 .
- a computer system 100 employing multiple processors may be advantageously configured such that one of the processors is dedicated to protected processes only when a network process is active. When a user is not accessing a network, the multiple processors in a computer system may be dedicated to other processes, such as performing complex calculations or simulations, or running complex non-network interactive gaming processes, for example.
- the computer system 100 may be configured such that the 110 - 120 system simply transfers required files to the video processor 170 or the 130 - 140 system at the appropriate time to facilitate the interactive network process. The 110 - 120 system could be commanded to retrieve and transfer the files at the command of the video processor, or at the command of the 130 - 140 system, or a combination of both.
- Computer system 100 may be configured in a variety of ways, while still remaining within the spirit and scope of the present teachings.
- One such exemplary embodiment is illustrated in FIG. 7 .
- Subsystem 700 of computer system 100 comprises a video processor 770 , a second processor 740 , and a second memory data storage area 730 .
- the demarcation line illustrated by subsystem 700 may be either physical or logical.
- subsystem 700 may comprise an add-on card, such as a high end video card, or a video/network card. If configured in this exemplary manner, a user could upgrade an existing computer system to take advantage of the teachings of the present invention.
- Subsystem 700 may be plugged into the main motherboard of an existing computer, for example.
- the motherboard connector may be already communicatively coupled to the 110 - 120 system, thereby facilitating the system upgrade.
- the network interface device 190 may be connected directly to subsystem 700 , or network interface device 190 could be integrated as part of subsystem 700 .
- Memory data storage area 730 may comprise any of the volatile and/or non-volatile memory types previously described, or any combination thereof, or any suitable memory storage medium, for example.
- subsystem 700 may be located on the motherboard, as opposed to an add-on card. Further still, portions of subsystem 700 , such as video processor 770 , and/or second processor 740 , for example, may be integrated together with P 1 120 . It is understood that functions described herein may be configured in a wide variety of ways, without departing from the spirit and scope of the present teachings.
- Subsystem 800 of computer system 100 comprises a video processor 870 , a second processor 840 , and a second memory data storage area 830 .
- the demarcation line illustrated by subsystem 800 may be either physical or logical.
- subsystem 800 may comprise an add-on card, such as a high end video card, or a video/network card. If configured in this exemplary manner, a user could upgrade an existing computer system to take advantage of features of the present invention.
- second processor 840 and video processor 870 are integrated together, perhaps on a common integrated circuit.
- Such a configuration may help to reduce the cost of subsystem 800 , and/or improve the performance. Additionally, a circuit designer may find it advantageous to integrate 840 and 870 together to facilitate communication between the functions. It is understood that such an integration of functions may create a device in which an external user may find it difficult to distinguish where the function of 870 ends and the function of 840 begins, and vice versa. Such a device, however, would remain within the spirit and scope of the present teachings.
- Computer system 100 comprises a video processor 970 , processor 960 , and a memory data storage area 950 .
- Processor 960 may further comprise multiple processor cores, illustrated by 1 st processor 920 and 2 nd processor 940 . It is understood that processor 960 may contain more than 2 processor cores. Microprocessors manufactured with multiple processor cores are becoming common in the industry, and such multi-core processors may be particularly advantageous when used in accordance with the present teachings.
- Memory data storage area 950 may further comprise 1 st memory data storage area 910 and 2 nd memory data storage area 930 . Memory areas 910 and 930 may comprise, for example, different partitions on a single hard drive, and/or different address ranges in a RAM bank.
- processors 920 and 940 may comprise separate, secure logical processes executing on the same physical processor.
- a first logical process may comprise executing instructions necessary to carry out the functions of an operating system, or the first logical process may comprise executing instructions necessary to carry out the functions of a first computer program, including but not limited to a word processor.
- a second logical process may comprise executing instructions necessary to carry out the functions of a web browser program, or may comprise executing instructions necessary to carry out the functions of an instant messenger program, for example.
- a computer system 100 constructed in accordance with the principles of the present invention would be capable of disallowing a secure logical process, such as the second logical process described above, access to certain memory spaces, and/or disallowing a secure logical process from initiating access to another logical process.
- the functions carried out by P 2 140 may comprise a secure logical process, which may be configured to be unable to automatically initiate access to either M 1 110 or another logical process performing the functions of P 1 120 .
- memory areas 910 and 930 may comprise separate, isolated memory zones within a common physical memory space, such as separate partitions within the same hard drive, for example.
- malware programs are designed to secretly record user input commands (such as keystrokes, for example), then send the information back to a host computer.
- This type of malware is capable of stealing important user information, such as passwords, bank account numbers, social security numbers, driver's license numbers, credit account numbers, etc. Theft of such personal information could result in the theft of actual assets (money or securities, etc.) or perhaps used for identity theft, among other malicious intents.
- a computer system capable of ensuring the protection of such sensitive information would be desirable.
- a computer system is configured such that attempts by malware to record and report data entry by the computer user via input devices such as keyboards, mouse clicks, microphones, or any other data input devices are effectively blocked.
- Encryption of user input data, such as keystrokes, is an effective means of protecting such data from theft by malware.
- Specific techniques used for data encryption and decryption are well known in the art, and need not be discussed further here. There are many examples in the art that may be examined to better understand various encryption/decryption techniques and the use of encryption/decryption in computer systems. Among these are U.S. Pat. No.
- a method of operating a computer system involving data encryption is described.
- a user opens a protected process where some level of data encryption is desired, for example, the encryption of sensitive user interface data or user files. Other data may be encrypted as desired.
- processor P 1 120 instructs processor P 2 140 to initiate a protected process and open a process window.
- P 1 120 encrypts the sensitive data and passes the user interface data to P 2 140 when a P 2 140 window is selected or active (step 1030 ).
- P 2 140 generates video data for the P 2 140 process window(s) and passes the video data to video processor 170 (step 1040 ).
- Video processor 170 decrypts the sensitive data and interleaves the video data from all P 1 and P 2 processes (step 1050 ).
- P 2 140 passes the encrypted sensitive data to network interface device 190 (step 1060 ).
- Network interface device 190 decrypts the sensitive data and passes the decrypted sensitive data to network 195 .
- other methods of operating a computer system in which data is encrypted prior to being passed to P 2 140 , and decrypted after leaving the control of P 2 140 are within the spirit and scope of the present teachings.
- data desired to be protected is encrypted prior to sending the data to processor P 2 140 , which may be running one or more malware processes.
- Processor P 2 140 does not have visibility to the decryption keys, and is therefore unable to decrypt the data.
- Data may be decrypted by network interface device 190 prior to forwarding the data on to network 195 .
- encrypted data may be sent directly over the network for decryption by another computer system, including, for example, an interne banking host computer.
- Decryption keys may be passed between P 1 120 and network interface device 190 via a communication link 191 .
- Video processor 170 may decrypt the data prior to displaying the data on video display 180 , with decryption keys possibly passed between P 1 120 and video processor 170 via a communication link 171 . Conversely, data may be passed directly to video processor 170 via a communication link 151 .
- a user 160 may wish to encrypt just a portion of the data destined for the network, such as passwords, credit card numbers, etc. Conversely, a user may wish to encrypt large blocks of data, such as e-mails or large application files containing sensitive text and/or graphics. Instructions may be passed to network interface device 190 directing 190 to decrypt one or more specific data blocks prior to sending the data blocks to network 195 . Conversely, instructions may be passed to network interface device 190 directing 190 to pass one or more specific data blocks to network 195 without decryption.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Description
U.S. patent or | ||
PUB Application | ||
Number | Title | Inventor(s) |
5,826,013 | Polymorphic virus detection module. | Nachenberg |
5,978,917 | Detection and elimination of macro | Chi |
viruses. | ||
6,735,700 | Fast virus scanning using session | Flint, et al |
stamping. | ||
6,663,000 | Validating components of a malware | Muttik, et al. |
scanner. | ||
6,553,377 | System and process for maintaining a | Eschelbeck, |
plurality of remote security applications | et al. | |
using a modular framework in a | ||
distributed computing environment. | ||
6,216,112 | Method for software distribution and | Fuller, et al. |
compensation with replenishable | ||
advertisements. | ||
4,890,098 | Flexible window management on a | Dawes, et al. |
computer display. | ||
5,555,364 | Windowed computer display. | Goldstein |
5,666,030 | Multiple window generation in | Parson |
computer display. | ||
5,995,103 | Window grouping mechanism for | Ashe |
creating, manipulating and displaying | ||
windows and window groups on a | ||
display screen of a computer system. | ||
5,502,808 | Video graphics display system with | Goddard, et al. |
adapter for display management based | ||
upon plural memory sources. | ||
5,280,579 | Memory mapped interface between host | Nye |
computer and graphics system. | ||
5,918,039 | Method and apparatus for display | Buswell, et al |
of windowing application programs | ||
on a terminal. | ||
6,480,198 | Multi-function controller and method | Kang |
for a computer graphics display system. | ||
6,167,522 | Method and apparatus for providing | Lee, et al. |
security for servers executing | ||
application programs received via a | ||
network | ||
6,199,181 | Method and system for maintaining | Rechef, et al. |
restricted operating environments for | ||
application programs or operating | ||
systems. | ||
6,275,938 | Security enhancement for untrusted | Bond, et al. |
executable code. | ||
6,321,337 | Method and system for protecting | Reshef, et al. |
operations of trusted internal networks. | ||
6,351,816 | System and method for securing a | Mueller, et al. |
program's execution in a network | ||
environment. | ||
6,546,554 | Browser-independent and automatic | Schmidt, et al. |
apparatus and method for receiving, | ||
installing and launching applications | ||
from a browser on a client computer. | ||
6,658,573 | Protecting resources in a distributed | Bischof, et al |
computer system. | ||
6,507,904 | Executing isolated mode instructions in | Ellison, et al. |
a secure system running in privilege | ||
rings. | ||
6,633,963 | Controlling access to multiple memory | Ellison, et al. |
zones in an isolated execution | ||
environment. | ||
6,678,825 | Controlling access to multiple isolated | Ellison, et al. |
memories in an isolated execution | ||
environment. | ||
5,751,979 | Video hardware for protected, | McCrory |
multiprocessing systems. | ||
6,581,162 | Method for securely creating, storing | Angelo, et al. |
and using encryption keys in a computer | ||
system. | ||
6,134,661 | Computer network security device | Topp |
and method. | ||
6,578,140 | Personal computer having a master | Policard |
computer system and in internet | ||
computer system and monitoring a | ||
condition of said master and internet | ||
computer systems | ||
PUB | E-mail software and method and system | Jacobs, Paul |
Application # | for distributing advertisements to client | E., et al. |
20040054588 | devices that have such e-mail software | |
installed thereon. | ||
PUB | System and method for comprehensive | Mayer, Yaron; |
Application # | general generic protection for computers | et al. |
20040034794 | against malicious programs that may | |
steal information and/or cause damages | ||
PUB | System and method for providing | Skrepetos, |
Application # | security to a remote computer over a | Nicholas C. |
20040006715 | network browser interface. | |
PUB | Virus protection in an internet | Samman, Ben |
Application # | environment. | |
20030177397 | ||
PUB | System and method for protecting | Pham, Khai; et |
Application # | computer users from web sites hosting | al. |
20030097591 | computer viruses. | |
PUB | Malware infection suppression. | Hinchliffe, |
Application # | Alexander | |
20030023857 | James; et al. | |
PUB | Access control for computers. | Riordan, |
Application # | James | |
20020066016 | ||
PUB | Detecting malicious alteration of stored | Wolff, Daniel |
Application # | computer files. | Joseph; et al. |
20020174349 | ||
Claims (65)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/941,067 USRE43529E1 (en) | 2004-08-07 | 2010-11-07 | System and method for protecting a computer system from malicious software |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/913,609 US7484247B2 (en) | 2004-08-07 | 2004-08-07 | System and method for protecting a computer system from malicious software |
US12/941,067 USRE43529E1 (en) | 2004-08-07 | 2010-11-07 | System and method for protecting a computer system from malicious software |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/913,609 Reissue US7484247B2 (en) | 2004-08-07 | 2004-08-07 | System and method for protecting a computer system from malicious software |
Publications (1)
Publication Number | Publication Date |
---|---|
USRE43529E1 true USRE43529E1 (en) | 2012-07-17 |
Family
ID=35759063
Family Applications (6)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/913,609 Active - Reinstated 2026-07-18 US7484247B2 (en) | 2004-08-07 | 2004-08-07 | System and method for protecting a computer system from malicious software |
US12/720,207 Active 2026-07-18 USRE43500E1 (en) | 2004-08-07 | 2010-03-09 | System and method for protecting a computer system from malicious software |
US12/720,147 Active 2026-07-18 USRE43528E1 (en) | 2004-08-07 | 2010-03-09 | System and method for protecting a computer system from malicious software |
US12/854,149 Active 2026-07-18 USRE43103E1 (en) | 2004-08-07 | 2010-08-10 | System and method for protecting a computer system from malicious software |
US12/941,067 Active 2026-07-18 USRE43529E1 (en) | 2004-08-07 | 2010-11-07 | System and method for protecting a computer system from malicious software |
US13/015,186 Active 2026-07-18 USRE43987E1 (en) | 2004-08-07 | 2011-01-27 | System and method for protecting a computer system from malicious software |
Family Applications Before (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/913,609 Active - Reinstated 2026-07-18 US7484247B2 (en) | 2004-08-07 | 2004-08-07 | System and method for protecting a computer system from malicious software |
US12/720,207 Active 2026-07-18 USRE43500E1 (en) | 2004-08-07 | 2010-03-09 | System and method for protecting a computer system from malicious software |
US12/720,147 Active 2026-07-18 USRE43528E1 (en) | 2004-08-07 | 2010-03-09 | System and method for protecting a computer system from malicious software |
US12/854,149 Active 2026-07-18 USRE43103E1 (en) | 2004-08-07 | 2010-08-10 | System and method for protecting a computer system from malicious software |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/015,186 Active 2026-07-18 USRE43987E1 (en) | 2004-08-07 | 2011-01-27 | System and method for protecting a computer system from malicious software |
Country Status (1)
Country | Link |
---|---|
US (6) | US7484247B2 (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130347114A1 (en) * | 2012-04-30 | 2013-12-26 | Verint Systems Ltd. | System and method for malware detection |
US8646084B1 (en) | 2012-09-28 | 2014-02-04 | Kaspersky Lab Zao | Securing file launch activity utilizing safety ratings |
US8938796B2 (en) | 2012-09-20 | 2015-01-20 | Paul Case, SR. | Case secure computer architecture |
US9870116B1 (en) | 2013-12-09 | 2018-01-16 | Google Llc | Controlling actions for browser extensions |
US9923913B2 (en) | 2013-06-04 | 2018-03-20 | Verint Systems Ltd. | System and method for malware detection learning |
US10142426B2 (en) | 2015-03-29 | 2018-11-27 | Verint Systems Ltd. | System and method for identifying communication session participants based on traffic patterns |
US10198427B2 (en) | 2013-01-29 | 2019-02-05 | Verint Systems Ltd. | System and method for keyword spotting using representative dictionary |
US10491609B2 (en) | 2016-10-10 | 2019-11-26 | Verint Systems Ltd. | System and method for generating data sets for learning to identify user actions |
US10546008B2 (en) | 2015-10-22 | 2020-01-28 | Verint Systems Ltd. | System and method for maintaining a dynamic dictionary |
US10560842B2 (en) | 2015-01-28 | 2020-02-11 | Verint Systems Ltd. | System and method for combined network-side and off-air monitoring of wireless networks |
US10614107B2 (en) | 2015-10-22 | 2020-04-07 | Verint Systems Ltd. | System and method for keyword searching using both static and dynamic dictionaries |
US10630588B2 (en) | 2014-07-24 | 2020-04-21 | Verint Systems Ltd. | System and method for range matching |
US10958613B2 (en) | 2018-01-01 | 2021-03-23 | Verint Systems Ltd. | System and method for identifying pairs of related application users |
US10972558B2 (en) | 2017-04-30 | 2021-04-06 | Verint Systems Ltd. | System and method for tracking users of computer applications |
US10999295B2 (en) | 2019-03-20 | 2021-05-04 | Verint Systems Ltd. | System and method for de-anonymizing actions and messages on networks |
US11381977B2 (en) | 2016-04-25 | 2022-07-05 | Cognyte Technologies Israel Ltd. | System and method for decrypting communication exchanged on a wireless local area network |
US11399016B2 (en) | 2019-11-03 | 2022-07-26 | Cognyte Technologies Israel Ltd. | System and method for identifying exchanges of encrypted communication traffic |
US11403559B2 (en) | 2018-08-05 | 2022-08-02 | Cognyte Technologies Israel Ltd. | System and method for using a user-action log to learn to classify encrypted traffic |
US11575625B2 (en) | 2017-04-30 | 2023-02-07 | Cognyte Technologies Israel Ltd. | System and method for identifying relationships between users of computer applications |
Families Citing this family (133)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7926097B2 (en) | 1996-11-29 | 2011-04-12 | Ellis Iii Frampton E | Computer or microchip protected from the internet by internal hardware |
US7506020B2 (en) | 1996-11-29 | 2009-03-17 | Frampton E Ellis | Global network computers |
US20040003081A1 (en) * | 2002-06-26 | 2004-01-01 | Microsoft Corporation | System and method for providing program credentials |
US7757291B2 (en) | 2003-09-15 | 2010-07-13 | Trigence Corp. | Malware containment by application encapsulation |
US9178784B2 (en) | 2004-04-15 | 2015-11-03 | Raytheon Company | System and method for cluster management based on HPC architecture |
US8335909B2 (en) | 2004-04-15 | 2012-12-18 | Raytheon Company | Coupling processors to each other for high performance computing (HPC) |
US8336040B2 (en) | 2004-04-15 | 2012-12-18 | Raytheon Company | System and method for topology-aware job scheduling and backfilling in an HPC environment |
US8707251B2 (en) * | 2004-06-07 | 2014-04-22 | International Business Machines Corporation | Buffered viewing of electronic documents |
US7484247B2 (en) * | 2004-08-07 | 2009-01-27 | Allen F Rozman | System and method for protecting a computer system from malicious software |
CN101006433B (en) * | 2004-08-25 | 2012-01-11 | 日本电气株式会社 | Information communication device, and program execution environment control method |
US7533131B2 (en) * | 2004-10-01 | 2009-05-12 | Webroot Software, Inc. | System and method for pestware detection and removal |
KR20060061219A (en) * | 2004-12-01 | 2006-06-07 | 주식회사 비에스텍 | E n c r y p t i o n p r o c e s s o r |
US7571475B2 (en) * | 2005-04-05 | 2009-08-04 | Cisco Technology, Inc. | Method and electronic device for triggering zeroization in an electronic device |
US7565695B2 (en) * | 2005-04-12 | 2009-07-21 | Webroot Software, Inc. | System and method for directly accessing data from a data storage medium |
US20060230455A1 (en) * | 2005-04-12 | 2006-10-12 | Yuan-Chang Lo | Apparatus and methods for file system with write buffer to protect against malware |
US8452744B2 (en) * | 2005-06-06 | 2013-05-28 | Webroot Inc. | System and method for analyzing locked files |
WO2006131921A2 (en) * | 2005-06-08 | 2006-12-14 | Discretix Technologies Ltd. | Method, device, and system of maintaining a context of a secure execution environment |
US7788132B2 (en) * | 2005-06-29 | 2010-08-31 | Google, Inc. | Reviewing the suitability of Websites for participation in an advertising network |
US20090144826A2 (en) * | 2005-06-30 | 2009-06-04 | Webroot Software, Inc. | Systems and Methods for Identifying Malware Distribution |
US7712132B1 (en) * | 2005-10-06 | 2010-05-04 | Ogilvie John W | Detecting surreptitious spyware |
US8869270B2 (en) | 2008-03-26 | 2014-10-21 | Cupp Computing As | System and method for implementing content and network security inside a chip |
US20080276302A1 (en) | 2005-12-13 | 2008-11-06 | Yoggie Security Systems Ltd. | System and Method for Providing Data and Device Security Between External and Host Devices |
US8381297B2 (en) | 2005-12-13 | 2013-02-19 | Yoggie Security Systems Ltd. | System and method for providing network security to mobile devices |
JP5203969B2 (en) * | 2006-01-17 | 2013-06-05 | キダロ (イスラエル) リミテッド | Securing data in a networked environment |
EP1977347B1 (en) * | 2006-01-17 | 2017-12-27 | Microsoft Technology Licensing, LLC | Seamless integration of multiple computing environments |
US20070168694A1 (en) * | 2006-01-18 | 2007-07-19 | Phil Maddaloni | System and method for identifying and removing pestware using a secondary operating system |
US9112897B2 (en) * | 2006-03-30 | 2015-08-18 | Advanced Network Technology Laboratories Pte Ltd. | System and method for securing a network session |
US8434148B2 (en) * | 2006-03-30 | 2013-04-30 | Advanced Network Technology Laboratories Pte Ltd. | System and method for providing transactional security for an end-user device |
US20070234337A1 (en) * | 2006-03-31 | 2007-10-04 | Prowess Consulting, Llc | System and method for sanitizing a computer program |
US9547485B2 (en) | 2006-03-31 | 2017-01-17 | Prowess Consulting, Llc | System and method for deploying a virtual machine |
US20070237088A1 (en) * | 2006-04-05 | 2007-10-11 | Honeywell International. Inc | Apparatus and method for providing network security |
US8151353B2 (en) * | 2006-04-27 | 2012-04-03 | The Invention Science Fund I, Llc | Multi-network virus immunization with trust aspects |
US8966630B2 (en) * | 2006-04-27 | 2015-02-24 | The Invention Science Fund I, Llc | Generating and distributing a malware countermeasure |
US9258327B2 (en) | 2006-04-27 | 2016-02-09 | Invention Science Fund I, Llc | Multi-network virus immunization |
US8613095B2 (en) * | 2006-06-30 | 2013-12-17 | The Invention Science Fund I, Llc | Smart distribution of a malware countermeasure |
US8191145B2 (en) * | 2006-04-27 | 2012-05-29 | The Invention Science Fund I, Llc | Virus immunization using prioritized routing |
US7934260B2 (en) * | 2006-04-27 | 2011-04-26 | The Invention Science Fund I, Llc | Virus immunization using entity-sponsored bypass network |
US7917956B2 (en) | 2006-04-27 | 2011-03-29 | The Invention Science Fund I, Llc | Multi-network virus immunization |
US7849508B2 (en) * | 2006-04-27 | 2010-12-07 | The Invention Science Fund I, Llc | Virus immunization using entity-sponsored bypass network |
US8539581B2 (en) * | 2006-04-27 | 2013-09-17 | The Invention Science Fund I, Llc | Efficient distribution of a malware countermeasure |
US8117654B2 (en) * | 2006-06-30 | 2012-02-14 | The Invention Science Fund I, Llc | Implementation of malware countermeasures in a network device |
US8863285B2 (en) * | 2006-04-27 | 2014-10-14 | The Invention Science Fund I, Llc | Virus immunization using prioritized routing |
US8888585B1 (en) * | 2006-05-10 | 2014-11-18 | Mcafee, Inc. | Game console system, method and computer program product with anti-malware/spyware and parental control capabilities |
US8185737B2 (en) | 2006-06-23 | 2012-05-22 | Microsoft Corporation | Communication across domains |
US7996903B2 (en) | 2006-07-07 | 2011-08-09 | Webroot Software, Inc. | Method and system for detecting and removing hidden pestware files |
US8190868B2 (en) | 2006-08-07 | 2012-05-29 | Webroot Inc. | Malware management through kernel detection |
JP4895718B2 (en) * | 2006-08-14 | 2012-03-14 | 株式会社リコー | Image forming apparatus, data recovery method, and recording medium |
US8136162B2 (en) * | 2006-08-31 | 2012-03-13 | Broadcom Corporation | Intelligent network interface controller |
US8056134B1 (en) | 2006-09-10 | 2011-11-08 | Ogilvie John W | Malware detection and identification via malware spoofing |
US9639696B1 (en) * | 2006-09-29 | 2017-05-02 | Symantec Operating Corporation | Method and apparatus for analyzing end user license agreements |
US7941852B2 (en) * | 2006-10-04 | 2011-05-10 | Symantec Corporation | Detecting an audio/visual threat |
US8590002B1 (en) | 2006-11-29 | 2013-11-19 | Mcafee Inc. | System, method and computer program product for maintaining a confidentiality of data on a network |
US20080182667A1 (en) * | 2007-01-25 | 2008-07-31 | Igt, Inc. | Method of securing data on a portable gaming device from tampering |
US8621008B2 (en) | 2007-04-26 | 2013-12-31 | Mcafee, Inc. | System, method and computer program product for performing an action based on an aspect of an electronic mail message thread |
US8726041B2 (en) * | 2007-05-09 | 2014-05-13 | Sony Corporation | Methods and apparatus for generating a random number in one or more isolated processors |
US8365272B2 (en) | 2007-05-30 | 2013-01-29 | Yoggie Security Systems Ltd. | System and method for providing network and computer firewall protection with dynamic address isolation to a device |
US10019570B2 (en) | 2007-06-14 | 2018-07-10 | Microsoft Technology Licensing, Llc | Protection and communication abstractions for web browsers |
US8199965B1 (en) | 2007-08-17 | 2012-06-12 | Mcafee, Inc. | System, method, and computer program product for preventing image-related data loss |
US20130276061A1 (en) | 2007-09-05 | 2013-10-17 | Gopi Krishna Chebiyyam | System, method, and computer program product for preventing access to data with respect to a data access attempt associated with a remote data sharing session |
US8446607B2 (en) * | 2007-10-01 | 2013-05-21 | Mcafee, Inc. | Method and system for policy based monitoring and blocking of printing activities on local and network printers |
US8424078B2 (en) * | 2007-11-06 | 2013-04-16 | International Business Machines Corporation | Methodology for secure application partitioning enablement |
WO2009094371A1 (en) * | 2008-01-22 | 2009-07-30 | Authentium, Inc. | Trusted secure desktop |
US8918865B2 (en) * | 2008-01-22 | 2014-12-23 | Wontok, Inc. | System and method for protecting data accessed through a network connection |
US8893285B2 (en) | 2008-03-14 | 2014-11-18 | Mcafee, Inc. | Securing data using integrated host-based data loss agent with encryption detection |
US20090299862A1 (en) * | 2008-06-03 | 2009-12-03 | Microsoft Corporation | Online ad serving |
US9524344B2 (en) * | 2008-06-03 | 2016-12-20 | Microsoft Corporation | User interface for online ads |
US8813050B2 (en) * | 2008-06-03 | 2014-08-19 | Isight Partners, Inc. | Electronic crime detection and tracking |
US8151073B2 (en) * | 2008-06-25 | 2012-04-03 | Fac Systems Inc. | Security system for computers |
US20090327869A1 (en) * | 2008-06-27 | 2009-12-31 | Microsoft Corporation | Online ad serving |
US7530106B1 (en) * | 2008-07-02 | 2009-05-05 | Kaspersky Lab, Zao | System and method for security rating of computer processes |
US8631488B2 (en) | 2008-08-04 | 2014-01-14 | Cupp Computing As | Systems and methods for providing security services during power management mode |
US9077684B1 (en) | 2008-08-06 | 2015-07-07 | Mcafee, Inc. | System, method, and computer program product for determining whether an electronic mail message is compliant with an etiquette policy |
KR101012669B1 (en) * | 2008-09-25 | 2011-02-11 | 주식회사 안철수연구소 | Malicious program detector for scanning a illegal memory access and method thereof |
JP4696151B2 (en) * | 2008-10-23 | 2011-06-08 | 株式会社エヌ・ティ・ティ・ドコモ | Information processing apparatus and memory management method |
US9166797B2 (en) * | 2008-10-24 | 2015-10-20 | Microsoft Technology Licensing, Llc | Secured compartment for transactions |
US8789202B2 (en) | 2008-11-19 | 2014-07-22 | Cupp Computing As | Systems and methods for providing real time access monitoring of a removable media device |
US8607345B1 (en) | 2008-12-16 | 2013-12-10 | Trend Micro Incorporated | Method and apparatus for generic malware downloader detection and prevention |
US11489857B2 (en) | 2009-04-21 | 2022-11-01 | Webroot Inc. | System and method for developing a risk profile for an internet resource |
KR101135629B1 (en) * | 2009-10-26 | 2012-04-17 | 한국전자통신연구원 | Method and apparatus for preventing autorun of portable USB storage |
WO2011060190A1 (en) * | 2009-11-12 | 2011-05-19 | Dan Kaminsky Holdings, Llc | Apparatus and method for securing and isolating operational nodes in a computer network |
US8494974B2 (en) * | 2010-01-18 | 2013-07-23 | iSIGHT Partners Inc. | Targeted security implementation through security loss forecasting |
US8255986B2 (en) * | 2010-01-26 | 2012-08-28 | Frampton E. Ellis | Methods of securely controlling through one or more separate private networks an internet-connected computer having one or more hardware-based inner firewalls or access barriers |
US8429735B2 (en) | 2010-01-26 | 2013-04-23 | Frampton E. Ellis | Method of using one or more secure private networks to actively configure the hardware of a computer or microchip |
US20110213809A1 (en) * | 2010-03-01 | 2011-09-01 | Panda Security, S.L. | Method, a system and a computer program product for protecting a data-storing device |
US8495739B2 (en) | 2010-04-07 | 2013-07-23 | International Business Machines Corporation | System and method for ensuring scanning of files without caching the files to network device |
US20110273452A1 (en) * | 2010-05-10 | 2011-11-10 | Nokia Siemens Networks Oy | Data display |
US9202049B1 (en) | 2010-06-21 | 2015-12-01 | Pulse Secure, Llc | Detecting malware on mobile devices |
US8082585B1 (en) * | 2010-09-13 | 2011-12-20 | Raymond R. Givonetti | Protecting computers from malware using a hardware solution that is not alterable by any software |
CN102436559B (en) * | 2010-09-29 | 2016-06-01 | 联想(北京)有限公司 | A kind of state switching method and system |
US8438644B2 (en) | 2011-03-07 | 2013-05-07 | Isight Partners, Inc. | Information system security based on threat vectors |
KR20120118353A (en) * | 2011-04-18 | 2012-10-26 | 삼성전자주식회사 | Broadcast receiving apparatus and method of installing service |
RU2506638C2 (en) * | 2011-06-28 | 2014-02-10 | Закрытое акционерное общество "Лаборатория Касперского" | System and method for hardware detection and cleaning of unknown malware installed on personal computer |
US20130096980A1 (en) * | 2011-10-18 | 2013-04-18 | Mcafee, Inc. | User-defined countermeasures |
TWI619038B (en) * | 2011-11-07 | 2018-03-21 | Admedec Co Ltd | Safety box |
US9047456B2 (en) | 2012-03-20 | 2015-06-02 | Canon Information And Imaging Solutions, Inc. | System and method for controlling access to a resource |
US8832837B2 (en) * | 2012-06-29 | 2014-09-09 | Mcafee Inc. | Preventing attacks on devices with multiple CPUs |
US11126720B2 (en) | 2012-09-26 | 2021-09-21 | Bluvector, Inc. | System and method for automated machine-learning, zero-day malware detection |
US9292688B2 (en) * | 2012-09-26 | 2016-03-22 | Northrop Grumman Systems Corporation | System and method for automated machine-learning, zero-day malware detection |
US11188652B2 (en) | 2012-10-02 | 2021-11-30 | Mordecai Barkan | Access management and credential protection |
US9092628B2 (en) * | 2012-10-02 | 2015-07-28 | Mordecai Barkan | Secure computer architectures, systems, and applications |
US9342695B2 (en) | 2012-10-02 | 2016-05-17 | Mordecai Barkan | Secured automated or semi-automated systems |
US9672360B2 (en) | 2012-10-02 | 2017-06-06 | Mordecai Barkan | Secure computer architectures, systems, and applications |
US9973501B2 (en) | 2012-10-09 | 2018-05-15 | Cupp Computing As | Transaction security systems and methods |
EP2973172B1 (en) | 2013-03-12 | 2017-07-26 | Intel Corporation | Preventing malicious instruction execution |
US9501645B2 (en) * | 2013-03-15 | 2016-11-22 | Rudolf H. Hendel | System and method for the protection of computers and computer networks against cyber threats |
US20160078226A1 (en) * | 2013-05-14 | 2016-03-17 | Hewlett-Packard Development Company, L.P. | Detection of a security event |
US9927995B2 (en) * | 2013-06-19 | 2018-03-27 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and an integrated circuit for executing a trusted application within a trusted runtime environment |
WO2015006375A1 (en) | 2013-07-08 | 2015-01-15 | Cupp Computing As | Systems and methods for providing digital content marketplace security |
US9177150B1 (en) * | 2013-12-04 | 2015-11-03 | Google Inc. | Detecting setting tampering |
WO2015123611A2 (en) | 2014-02-13 | 2015-08-20 | Cupp Computing As | Systems and methods for providing network security using a secure digital device |
US9749344B2 (en) | 2014-04-03 | 2017-08-29 | Fireeye, Inc. | System and method of cyber threat intensity determination and application to cyber threat mitigation |
US9749343B2 (en) | 2014-04-03 | 2017-08-29 | Fireeye, Inc. | System and method of cyber threat structure mapping and application to cyber threat mitigation |
US9372996B2 (en) * | 2014-05-15 | 2016-06-21 | International Business Machines Corporation | Protecting data owned by an operating system in a multi-operating system mobile environment |
US20160006754A1 (en) * | 2014-07-01 | 2016-01-07 | Mcafee, Inc. | Secure enclave-rendered contents |
WO2016081346A1 (en) | 2014-11-21 | 2016-05-26 | Northrup Grumman Systems Corporation | System and method for network data characterization |
US9892261B2 (en) | 2015-04-28 | 2018-02-13 | Fireeye, Inc. | Computer imposed countermeasures driven by malware lineage |
US11176240B1 (en) * | 2021-04-20 | 2021-11-16 | Stanley Kevin Miles | Multi-transfer resource allocation using modified instances of corresponding records in memory |
US11461456B1 (en) * | 2015-06-19 | 2022-10-04 | Stanley Kevin Miles | Multi-transfer resource allocation using modified instances of corresponding records in memory |
US10715533B2 (en) * | 2016-07-26 | 2020-07-14 | Microsoft Technology Licensing, Llc. | Remediation for ransomware attacks on cloud drive folders |
US10540498B2 (en) * | 2016-08-12 | 2020-01-21 | Intel Corporation | Technologies for hardware assisted native malware detection |
US10628585B2 (en) | 2017-01-23 | 2020-04-21 | Microsoft Technology Licensing, Llc | Ransomware resilient databases |
KR101997254B1 (en) * | 2017-05-10 | 2019-07-08 | 김덕우 | Computer having isolated user computing part |
KR101920866B1 (en) * | 2017-05-18 | 2018-11-21 | 김덕우 | An auxiliary memory device having independent recovery region |
US10061923B1 (en) * | 2017-06-26 | 2018-08-28 | Pritam Nath | Safe and secure internet or network connected computing machine providing means for processing, manipulating, receiving, transmitting and storing information free from hackers, hijackers, virus, malware etc. |
US11750623B2 (en) * | 2017-09-04 | 2023-09-05 | ITsMine Ltd. | System and method for conducting a detailed computerized surveillance in a computerized environment |
US10924377B2 (en) * | 2018-09-11 | 2021-02-16 | Citrix Systems, Inc. | Systems and methods for application scripts for cross-domain applications |
CN110505283B (en) * | 2019-07-31 | 2022-10-21 | 湖南微算互联信息技术有限公司 | Automatic maintenance system and method based on cloud mobile phone |
US11625505B2 (en) | 2019-08-19 | 2023-04-11 | Microsoft Technology Licensing, Llc | Processor with network stack domain and system domain using separate memory regions |
US11470118B2 (en) | 2019-11-01 | 2022-10-11 | Microsoft Technology Licensing, Llc | Processor with network processing stack having separate binary |
WO2021211091A1 (en) * | 2020-04-13 | 2021-10-21 | KameleonSec Ltd. | Secure processing engine for securing a computing system |
US11403403B2 (en) * | 2020-04-13 | 2022-08-02 | KameleonSec Ltd. | Secure processing engine for securing a computing system |
US11586727B2 (en) * | 2021-03-29 | 2023-02-21 | Red Hat, Inc. | Systems and methods for preventing kernel stalling attacks |
US11599636B1 (en) * | 2022-07-27 | 2023-03-07 | Aurora Security Llc | Systems and methods for managing and providing software packages which have undergone malware and/or vulnerability analysis |
Citations (105)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4890098A (en) | 1987-10-20 | 1989-12-26 | International Business Machines Corporation | Flexible window management on a computer display |
US5280579A (en) | 1990-09-28 | 1994-01-18 | Texas Instruments Incorporated | Memory mapped interface between host computer and graphics system |
US5502808A (en) | 1991-07-24 | 1996-03-26 | Texas Instruments Incorporated | Video graphics display system with adapter for display management based upon plural memory sources |
US5555364A (en) | 1994-08-23 | 1996-09-10 | Prosoft Corporation | Windowed computer display |
US5564051A (en) * | 1989-08-03 | 1996-10-08 | International Business Machines Corporation | Automatic update of static and dynamic files at a remote network node in response to calls issued by or for application programs |
US5666030A (en) | 1994-07-20 | 1997-09-09 | Ncr Corporation | Multiple window generation in computer display |
US5673403A (en) * | 1992-11-13 | 1997-09-30 | International Business Machines Corporation | Method and system for displaying applications of different operating systems on a single system using the user interface of the different operating systems |
US5751979A (en) * | 1995-05-31 | 1998-05-12 | Unisys Corporation | Video hardware for protected, multiprocessing systems |
US5826013A (en) | 1995-09-28 | 1998-10-20 | Symantec Corporation | Polymorphic virus detection module |
US5918039A (en) | 1995-12-29 | 1999-06-29 | Wyse Technology, Inc. | Method and apparatus for display of windowing application programs on a terminal |
US5974549A (en) * | 1997-03-27 | 1999-10-26 | Soliton Ltd. | Security monitor |
US5978917A (en) | 1997-08-14 | 1999-11-02 | Symantec Corporation | Detection and elimination of macro viruses |
US5995103A (en) | 1996-05-10 | 1999-11-30 | Apple Computer, Inc. | Window grouping mechanism for creating, manipulating and displaying windows and window groups on a display screen of a computer system |
US6091412A (en) | 1997-09-30 | 2000-07-18 | The United States Of America As Represented By The Secretary Of The Navy | Universal client device permitting a computer to receive and display information from several special applications |
US6108715A (en) | 1994-12-13 | 2000-08-22 | Microsoft Corporation | Method and system for invoking remote procedure calls |
US6134661A (en) | 1998-02-11 | 2000-10-17 | Topp; William C. | Computer network security device and method |
US6167522A (en) | 1997-04-01 | 2000-12-26 | Sun Microsystems, Inc. | Method and apparatus for providing security for servers executing application programs received via a network |
US6183366B1 (en) | 1996-01-19 | 2001-02-06 | Sheldon Goldberg | Network gaming system |
US6192477B1 (en) * | 1999-02-02 | 2001-02-20 | Dagg Llc | Methods, software, and apparatus for secure communication over a computer network |
US6199181B1 (en) * | 1997-09-09 | 2001-03-06 | Perfecto Technologies Ltd. | Method and system for maintaining restricted operating environments for application programs or operating systems |
US6216112B1 (en) | 1998-05-27 | 2001-04-10 | William H. Fuller | Method for software distribution and compensation with replenishable advertisements |
US6275938B1 (en) | 1997-08-28 | 2001-08-14 | Microsoft Corporation | Security enhancement for untrusted executable code |
US6285987B1 (en) | 1997-01-22 | 2001-09-04 | Engage, Inc. | Internet advertising system |
US20020002673A1 (en) * | 2000-06-30 | 2002-01-03 | Microsoft Corporation | System and method for integrating secure and non-secure software objects |
US6351816B1 (en) | 1996-05-30 | 2002-02-26 | Sun Microsystems, Inc. | System and method for securing a program's execution in a network environment |
US20020052809A1 (en) * | 2000-11-02 | 2002-05-02 | Orell Fussli Security Documents Ag | Method for verifying the authenticity of articles |
US6385721B1 (en) * | 1999-01-22 | 2002-05-07 | Hewlett-Packard Company | Computer with bootable hibernation partition |
US6397242B1 (en) | 1998-05-15 | 2002-05-28 | Vmware, Inc. | Virtualization system including a virtual machine monitor for a computer with a segmented architecture |
US20020066016A1 (en) | 2000-03-15 | 2002-05-30 | International Business Machines Corporation | Access control for computers |
US6401134B1 (en) | 1997-07-25 | 2002-06-04 | Sun Microsystems, Inc. | Detachable java applets |
US6433794B1 (en) | 1998-07-31 | 2002-08-13 | International Business Machines Corporation | Method and apparatus for selecting a java virtual machine for use with a browser |
US6438600B1 (en) | 1999-01-29 | 2002-08-20 | International Business Machines Corporation | Securely sharing log-in credentials among trusted browser-based applications |
US6480198B2 (en) | 1997-06-27 | 2002-11-12 | S3 Graphics Co., Ltd. | Multi-function controller and method for a computer graphics display system |
US20020174349A1 (en) | 2001-05-15 | 2002-11-21 | Wolff Daniel Joseph | Detecting malicious alteration of stored computer files |
US6492995B1 (en) | 1999-04-26 | 2002-12-10 | International Business Machines Corporation | Method and system for enabling localization support on web applications |
US6505300B2 (en) | 1998-06-12 | 2003-01-07 | Microsoft Corporation | Method and system for secure running of untrusted content |
US6507948B1 (en) | 1999-09-02 | 2003-01-14 | International Business Machines Corporation | Method, system, and program for generating batch files |
US6507904B1 (en) | 2000-03-31 | 2003-01-14 | Intel Corporation | Executing isolated mode instructions in a secure system running in privilege rings |
US20030023857A1 (en) | 2001-07-26 | 2003-01-30 | Hinchliffe Alexander James | Malware infection suppression |
US6546554B1 (en) | 2000-01-21 | 2003-04-08 | Sun Microsystems, Inc. | Browser-independent and automatic apparatus and method for receiving, installing and launching applications from a browser on a client computer |
US6553377B1 (en) | 2000-03-31 | 2003-04-22 | Network Associates, Inc. | System and process for maintaining a plurality of remote security applications using a modular framework in a distributed computing environment |
US20030097591A1 (en) | 2001-11-20 | 2003-05-22 | Khai Pham | System and method for protecting computer users from web sites hosting computer viruses |
US6578140B1 (en) * | 2000-04-13 | 2003-06-10 | Claude M Policard | Personal computer having a master computer system and an internet computer system and monitoring a condition of said master and internet computer systems |
US6581162B1 (en) | 1996-12-31 | 2003-06-17 | Compaq Information Technologies Group, L.P. | Method for securely creating, storing and using encryption keys in a computer system |
US20030131152A1 (en) | 2001-09-20 | 2003-07-10 | Ulfar Erlingsson | Altered states of software component behavior |
US20030177397A1 (en) | 2000-08-31 | 2003-09-18 | Ben Samman | Virus protection in an internet environment |
US6633963B1 (en) | 2000-03-31 | 2003-10-14 | Intel Corporation | Controlling access to multiple memory zones in an isolated execution environment |
US20030221114A1 (en) * | 2002-03-08 | 2003-11-27 | International Business Machines Corporation | Authentication system and method |
US6658573B1 (en) | 1997-01-17 | 2003-12-02 | International Business Machines Corporation | Protecting resources in a distributed computer system |
US6663000B1 (en) | 2002-08-01 | 2003-12-16 | Networks Associates Technology, Inc. | Validating components of a malware scanner |
US20040006706A1 (en) * | 2002-06-06 | 2004-01-08 | Ulfar Erlingsson | Methods and systems for implementing a secure application execution environment using derived user accounts for internet content |
US20040006715A1 (en) | 2002-07-05 | 2004-01-08 | Skrepetos Nicholas C. | System and method for providing security to a remote computer over a network browser interface |
US6678825B1 (en) | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US6678712B1 (en) * | 1996-01-19 | 2004-01-13 | International Business Machines Corporation | Method and system for executing a program under one of a plurality of mutually exclusive operating environments |
US6691230B1 (en) | 1998-10-15 | 2004-02-10 | International Business Machines Corporation | Method and system for extending Java applets sand box with public client storage |
US20040034794A1 (en) | 2000-05-28 | 2004-02-19 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US20040039944A1 (en) * | 2002-07-08 | 2004-02-26 | Teiji Karasaki | System and method for secure wall |
US20040054588A1 (en) | 1999-12-08 | 2004-03-18 | Jacobs Paul E. | E-mail software and method and system for distributing advertisements to client devices that have such e-mail software installed thereon |
US6735700B1 (en) | 2000-01-11 | 2004-05-11 | Network Associates Technology, Inc. | Fast virus scanning using session stamping |
US6754815B1 (en) * | 2000-03-31 | 2004-06-22 | Intel Corporation | Method and system for scrubbing an isolated area of memory after reset of a processor operating in isolated execution mode if a cleanup flag is set |
US6757685B2 (en) | 2001-02-19 | 2004-06-29 | Hewlett-Packard Development Company, L.P. | Process for executing a downloadable service receiving restrictive access rights to at least one profile file |
US6756236B2 (en) | 2000-12-05 | 2004-06-29 | Sony International (Europe) Gmbh | Method of producing a ferroelectric memory and a memory device |
US6772345B1 (en) | 2002-02-08 | 2004-08-03 | Networks Associates Technology, Inc. | Protocol-level malware scanner |
US20040199763A1 (en) * | 2003-04-01 | 2004-10-07 | Zone Labs, Inc. | Security System with Methodology for Interprocess Communication Control |
US6804780B1 (en) | 1996-11-08 | 2004-10-12 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
US20040230794A1 (en) * | 2003-05-02 | 2004-11-18 | Paul England | Techniques to support hosting of a first execution environment by a second execution environment with protection for the first execution environment |
US6836885B1 (en) | 1998-09-21 | 2004-12-28 | Wyse Technology Inc. | Method and apparatus for display of windowing application programs on a terminal |
US20040267929A1 (en) * | 2003-06-27 | 2004-12-30 | Servgate Technologies, Inc | Method, system and computer program products for adaptive web-site access blocking |
US20050005153A1 (en) * | 2003-06-30 | 2005-01-06 | Kaustubh Das | Processor based system and method for virus detection |
US6871348B1 (en) * | 1999-09-15 | 2005-03-22 | Intel Corporation | Method and apparatus for integrating the user interfaces of multiple applications into one application |
US6873988B2 (en) | 2001-07-06 | 2005-03-29 | Check Point Software Technologies, Inc. | System and methods providing anti-virus cooperative enforcement |
US6880110B2 (en) | 2000-05-19 | 2005-04-12 | Self Repairing Computers, Inc. | Self-repairing computer having protected software template and isolated trusted computing environment for automated recovery from virus and hacker attack |
US20050091661A1 (en) * | 2003-10-24 | 2005-04-28 | Kurien Thekkthalackal V. | Integration of high-assurance features into an application through application factoring |
US20050149726A1 (en) * | 2003-10-21 | 2005-07-07 | Amit Joshi | Systems and methods for secure client applications |
US20050198692A1 (en) * | 2004-03-02 | 2005-09-08 | International Business Machines Corporation | System and method of protecting a computing system from harmful active content in documents |
US20050240810A1 (en) | 2004-04-06 | 2005-10-27 | Safford Kevin D | Off-chip lockstep checking |
US20060004667A1 (en) | 2004-06-30 | 2006-01-05 | Microsoft Corporation | Systems and methods for collecting operating system license revenue using an emulated computing environment |
US6990630B2 (en) | 1998-05-15 | 2006-01-24 | Unicast Communications Corporation | Technique for implementing browser-initiated user-transparent network-distributed advertising and for interstitially displaying an advertisement, so distributed, through a web browser in response to a user click-stream |
US6996828B1 (en) * | 1997-09-12 | 2006-02-07 | Hitachi, Ltd. | Multi-OS configuration method |
US7013484B1 (en) * | 2000-03-31 | 2006-03-14 | Intel Corporation | Managing a secure environment using a chipset in isolated execution mode |
US7024581B1 (en) * | 2002-10-09 | 2006-04-04 | Xpoint Technologies, Inc. | Data processing recovery system and method spanning multiple operating system |
US7024555B2 (en) * | 2001-11-01 | 2006-04-04 | Intel Corporation | Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment |
US7062672B2 (en) | 2001-06-08 | 2006-06-13 | Hewlett-Packard Development Company, L.P. | Method of and computer network arrangement for restoring an impaired software image |
US7082615B1 (en) * | 2000-03-31 | 2006-07-25 | Intel Corporation | Protecting software environment in isolated execution |
US7085928B1 (en) | 2000-03-31 | 2006-08-01 | Cigital | System and method for defending against malicious software |
US7096381B2 (en) | 2001-05-21 | 2006-08-22 | Self Repairing Computer, Inc. | On-the-fly repair of a computer |
US7139890B2 (en) | 2002-04-30 | 2006-11-21 | Intel Corporation | Methods and arrangements to interface memory |
US7146640B2 (en) * | 2002-09-05 | 2006-12-05 | Exobox Technologies Corp. | Personal computer internet security system |
US7146305B2 (en) * | 2000-10-24 | 2006-12-05 | Vcis, Inc. | Analytical virtual machine |
US7181768B1 (en) | 1999-10-28 | 2007-02-20 | Cigital | Computer intrusion detection system and method based on application monitoring |
US7191469B2 (en) | 2002-05-13 | 2007-03-13 | Green Border Technologies | Methods and systems for providing a secure application environment using derived user accounts |
US7246374B1 (en) | 2000-03-13 | 2007-07-17 | Microsoft Corporation | Enhancing computer system security via multiple user desktops |
US7284274B1 (en) | 2001-01-18 | 2007-10-16 | Cigital, Inc. | System and method for identifying and eliminating vulnerabilities in computer software applications |
US7373505B2 (en) | 2004-04-15 | 2008-05-13 | Microsoft Corporation | Displaying a security element with a browser window |
US7401230B2 (en) | 2004-03-31 | 2008-07-15 | Intel Corporation | Secure virtual machine monitor to tear down a secure execution environment |
US7421689B2 (en) | 2003-10-28 | 2008-09-02 | Hewlett-Packard Development Company, L.P. | Processor-architecture for facilitating a virtual machine monitor |
US7444412B2 (en) | 2001-06-08 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Data processing system and method |
US7484247B2 (en) * | 2004-08-07 | 2009-01-27 | Allen F Rozman | System and method for protecting a computer system from malicious software |
US7565522B2 (en) | 2004-05-10 | 2009-07-21 | Intel Corporation | Methods and apparatus for integrity measurement of virtual machine monitor and operating system via secure launch |
US7596694B1 (en) | 2004-03-08 | 2009-09-29 | Hewlett-Packard Development Company, L.P. | System and method for safely executing downloaded code on a computer system |
US7657419B2 (en) * | 2001-06-19 | 2010-02-02 | International Business Machines Corporation | Analytical virtual machine |
US7676842B2 (en) | 2002-04-13 | 2010-03-09 | Computer Associates Think, Inc. | System and method for detecting malicious code |
US7818808B1 (en) * | 2000-12-27 | 2010-10-19 | Intel Corporation | Processor mode for limiting the operation of guest software running on a virtual machine supported by a virtual machine monitor |
US7849310B2 (en) * | 2002-11-18 | 2010-12-07 | Arm Limited | Switching between secure and non-secure processing modes |
US7854008B1 (en) * | 2007-08-10 | 2010-12-14 | Fortinet, Inc. | Software-hardware partitioning in a virus processing system |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US586013A (en) * | 1897-07-06 | Cartridge-loading implement | ||
US6658576B1 (en) * | 1999-09-29 | 2003-12-02 | Smartpower Corporation | Energy-conserving communication apparatus selectively switching between a main processor with main operating instructions and keep-alive processor with keep-alive operating instruction |
US6456554B1 (en) * | 1999-10-19 | 2002-09-24 | Texas Instruments Incorporated | Chip identifier and method of fabrication |
-
2004
- 2004-08-07 US US10/913,609 patent/US7484247B2/en active Active - Reinstated
-
2010
- 2010-03-09 US US12/720,207 patent/USRE43500E1/en active Active
- 2010-03-09 US US12/720,147 patent/USRE43528E1/en active Active
- 2010-08-10 US US12/854,149 patent/USRE43103E1/en active Active
- 2010-11-07 US US12/941,067 patent/USRE43529E1/en active Active
-
2011
- 2011-01-27 US US13/015,186 patent/USRE43987E1/en active Active
Patent Citations (112)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4890098A (en) | 1987-10-20 | 1989-12-26 | International Business Machines Corporation | Flexible window management on a computer display |
US5564051A (en) * | 1989-08-03 | 1996-10-08 | International Business Machines Corporation | Automatic update of static and dynamic files at a remote network node in response to calls issued by or for application programs |
US5280579A (en) | 1990-09-28 | 1994-01-18 | Texas Instruments Incorporated | Memory mapped interface between host computer and graphics system |
US5502808A (en) | 1991-07-24 | 1996-03-26 | Texas Instruments Incorporated | Video graphics display system with adapter for display management based upon plural memory sources |
US5673403A (en) * | 1992-11-13 | 1997-09-30 | International Business Machines Corporation | Method and system for displaying applications of different operating systems on a single system using the user interface of the different operating systems |
US5666030A (en) | 1994-07-20 | 1997-09-09 | Ncr Corporation | Multiple window generation in computer display |
US5555364A (en) | 1994-08-23 | 1996-09-10 | Prosoft Corporation | Windowed computer display |
US6108715A (en) | 1994-12-13 | 2000-08-22 | Microsoft Corporation | Method and system for invoking remote procedure calls |
US5751979A (en) * | 1995-05-31 | 1998-05-12 | Unisys Corporation | Video hardware for protected, multiprocessing systems |
US5826013A (en) | 1995-09-28 | 1998-10-20 | Symantec Corporation | Polymorphic virus detection module |
US5918039A (en) | 1995-12-29 | 1999-06-29 | Wyse Technology, Inc. | Method and apparatus for display of windowing application programs on a terminal |
US6678712B1 (en) * | 1996-01-19 | 2004-01-13 | International Business Machines Corporation | Method and system for executing a program under one of a plurality of mutually exclusive operating environments |
US6183366B1 (en) | 1996-01-19 | 2001-02-06 | Sheldon Goldberg | Network gaming system |
US5995103A (en) | 1996-05-10 | 1999-11-30 | Apple Computer, Inc. | Window grouping mechanism for creating, manipulating and displaying windows and window groups on a display screen of a computer system |
US6351816B1 (en) | 1996-05-30 | 2002-02-26 | Sun Microsystems, Inc. | System and method for securing a program's execution in a network environment |
US6804780B1 (en) | 1996-11-08 | 2004-10-12 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
US6581162B1 (en) | 1996-12-31 | 2003-06-17 | Compaq Information Technologies Group, L.P. | Method for securely creating, storing and using encryption keys in a computer system |
US6658573B1 (en) | 1997-01-17 | 2003-12-02 | International Business Machines Corporation | Protecting resources in a distributed computer system |
US6285987B1 (en) | 1997-01-22 | 2001-09-04 | Engage, Inc. | Internet advertising system |
US5974549A (en) * | 1997-03-27 | 1999-10-26 | Soliton Ltd. | Security monitor |
US6167522A (en) | 1997-04-01 | 2000-12-26 | Sun Microsystems, Inc. | Method and apparatus for providing security for servers executing application programs received via a network |
US6480198B2 (en) | 1997-06-27 | 2002-11-12 | S3 Graphics Co., Ltd. | Multi-function controller and method for a computer graphics display system |
US6401134B1 (en) | 1997-07-25 | 2002-06-04 | Sun Microsystems, Inc. | Detachable java applets |
US5978917A (en) | 1997-08-14 | 1999-11-02 | Symantec Corporation | Detection and elimination of macro viruses |
US6275938B1 (en) | 1997-08-28 | 2001-08-14 | Microsoft Corporation | Security enhancement for untrusted executable code |
US6321337B1 (en) | 1997-09-09 | 2001-11-20 | Sanctum Ltd. | Method and system for protecting operations of trusted internal networks |
US6199181B1 (en) * | 1997-09-09 | 2001-03-06 | Perfecto Technologies Ltd. | Method and system for maintaining restricted operating environments for application programs or operating systems |
US6996828B1 (en) * | 1997-09-12 | 2006-02-07 | Hitachi, Ltd. | Multi-OS configuration method |
US6091412A (en) | 1997-09-30 | 2000-07-18 | The United States Of America As Represented By The Secretary Of The Navy | Universal client device permitting a computer to receive and display information from several special applications |
US6134661A (en) | 1998-02-11 | 2000-10-17 | Topp; William C. | Computer network security device and method |
US6397242B1 (en) | 1998-05-15 | 2002-05-28 | Vmware, Inc. | Virtualization system including a virtual machine monitor for a computer with a segmented architecture |
US6990630B2 (en) | 1998-05-15 | 2006-01-24 | Unicast Communications Corporation | Technique for implementing browser-initiated user-transparent network-distributed advertising and for interstitially displaying an advertisement, so distributed, through a web browser in response to a user click-stream |
US6216112B1 (en) | 1998-05-27 | 2001-04-10 | William H. Fuller | Method for software distribution and compensation with replenishable advertisements |
US6505300B2 (en) | 1998-06-12 | 2003-01-07 | Microsoft Corporation | Method and system for secure running of untrusted content |
US6433794B1 (en) | 1998-07-31 | 2002-08-13 | International Business Machines Corporation | Method and apparatus for selecting a java virtual machine for use with a browser |
US6836885B1 (en) | 1998-09-21 | 2004-12-28 | Wyse Technology Inc. | Method and apparatus for display of windowing application programs on a terminal |
US6691230B1 (en) | 1998-10-15 | 2004-02-10 | International Business Machines Corporation | Method and system for extending Java applets sand box with public client storage |
US6385721B1 (en) * | 1999-01-22 | 2002-05-07 | Hewlett-Packard Company | Computer with bootable hibernation partition |
US6438600B1 (en) | 1999-01-29 | 2002-08-20 | International Business Machines Corporation | Securely sharing log-in credentials among trusted browser-based applications |
US6192477B1 (en) * | 1999-02-02 | 2001-02-20 | Dagg Llc | Methods, software, and apparatus for secure communication over a computer network |
US6492995B1 (en) | 1999-04-26 | 2002-12-10 | International Business Machines Corporation | Method and system for enabling localization support on web applications |
US6507948B1 (en) | 1999-09-02 | 2003-01-14 | International Business Machines Corporation | Method, system, and program for generating batch files |
US6871348B1 (en) * | 1999-09-15 | 2005-03-22 | Intel Corporation | Method and apparatus for integrating the user interfaces of multiple applications into one application |
US7181768B1 (en) | 1999-10-28 | 2007-02-20 | Cigital | Computer intrusion detection system and method based on application monitoring |
US20040054588A1 (en) | 1999-12-08 | 2004-03-18 | Jacobs Paul E. | E-mail software and method and system for distributing advertisements to client devices that have such e-mail software installed thereon |
US6735700B1 (en) | 2000-01-11 | 2004-05-11 | Network Associates Technology, Inc. | Fast virus scanning using session stamping |
US6546554B1 (en) | 2000-01-21 | 2003-04-08 | Sun Microsystems, Inc. | Browser-independent and automatic apparatus and method for receiving, installing and launching applications from a browser on a client computer |
US7246374B1 (en) | 2000-03-13 | 2007-07-17 | Microsoft Corporation | Enhancing computer system security via multiple user desktops |
US20020066016A1 (en) | 2000-03-15 | 2002-05-30 | International Business Machines Corporation | Access control for computers |
US6507904B1 (en) | 2000-03-31 | 2003-01-14 | Intel Corporation | Executing isolated mode instructions in a secure system running in privilege rings |
US7082615B1 (en) * | 2000-03-31 | 2006-07-25 | Intel Corporation | Protecting software environment in isolated execution |
US6553377B1 (en) | 2000-03-31 | 2003-04-22 | Network Associates, Inc. | System and process for maintaining a plurality of remote security applications using a modular framework in a distributed computing environment |
US6678825B1 (en) | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US7085928B1 (en) | 2000-03-31 | 2006-08-01 | Cigital | System and method for defending against malicious software |
US6633963B1 (en) | 2000-03-31 | 2003-10-14 | Intel Corporation | Controlling access to multiple memory zones in an isolated execution environment |
US6754815B1 (en) * | 2000-03-31 | 2004-06-22 | Intel Corporation | Method and system for scrubbing an isolated area of memory after reset of a processor operating in isolated execution mode if a cleanup flag is set |
US7013484B1 (en) * | 2000-03-31 | 2006-03-14 | Intel Corporation | Managing a secure environment using a chipset in isolated execution mode |
US6578140B1 (en) * | 2000-04-13 | 2003-06-10 | Claude M Policard | Personal computer having a master computer system and an internet computer system and monitoring a condition of said master and internet computer systems |
US6880110B2 (en) | 2000-05-19 | 2005-04-12 | Self Repairing Computers, Inc. | Self-repairing computer having protected software template and isolated trusted computing environment for automated recovery from virus and hacker attack |
US7577871B2 (en) | 2000-05-19 | 2009-08-18 | Vir2Us, Inc. | Computer system and method having isolatable storage for enhanced immunity to viral and malicious code infection |
US20040034794A1 (en) | 2000-05-28 | 2004-02-19 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US7039801B2 (en) * | 2000-06-30 | 2006-05-02 | Microsoft Corporation | System and method for integrating secure and non-secure software objects |
US20020002673A1 (en) * | 2000-06-30 | 2002-01-03 | Microsoft Corporation | System and method for integrating secure and non-secure software objects |
US7650493B2 (en) * | 2000-06-30 | 2010-01-19 | Microsoft Corporation | System and method for integrating secure and non-secure software objects |
US20030177397A1 (en) | 2000-08-31 | 2003-09-18 | Ben Samman | Virus protection in an internet environment |
US7146305B2 (en) * | 2000-10-24 | 2006-12-05 | Vcis, Inc. | Analytical virtual machine |
US20020052809A1 (en) * | 2000-11-02 | 2002-05-02 | Orell Fussli Security Documents Ag | Method for verifying the authenticity of articles |
US6756236B2 (en) | 2000-12-05 | 2004-06-29 | Sony International (Europe) Gmbh | Method of producing a ferroelectric memory and a memory device |
US7818808B1 (en) * | 2000-12-27 | 2010-10-19 | Intel Corporation | Processor mode for limiting the operation of guest software running on a virtual machine supported by a virtual machine monitor |
US7284274B1 (en) | 2001-01-18 | 2007-10-16 | Cigital, Inc. | System and method for identifying and eliminating vulnerabilities in computer software applications |
US6757685B2 (en) | 2001-02-19 | 2004-06-29 | Hewlett-Packard Development Company, L.P. | Process for executing a downloadable service receiving restrictive access rights to at least one profile file |
US20020174349A1 (en) | 2001-05-15 | 2002-11-21 | Wolff Daniel Joseph | Detecting malicious alteration of stored computer files |
US7096381B2 (en) | 2001-05-21 | 2006-08-22 | Self Repairing Computer, Inc. | On-the-fly repair of a computer |
US7444412B2 (en) | 2001-06-08 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Data processing system and method |
US7062672B2 (en) | 2001-06-08 | 2006-06-13 | Hewlett-Packard Development Company, L.P. | Method of and computer network arrangement for restoring an impaired software image |
US7657419B2 (en) * | 2001-06-19 | 2010-02-02 | International Business Machines Corporation | Analytical virtual machine |
US6873988B2 (en) | 2001-07-06 | 2005-03-29 | Check Point Software Technologies, Inc. | System and methods providing anti-virus cooperative enforcement |
US20030023857A1 (en) | 2001-07-26 | 2003-01-30 | Hinchliffe Alexander James | Malware infection suppression |
US20030131152A1 (en) | 2001-09-20 | 2003-07-10 | Ulfar Erlingsson | Altered states of software component behavior |
US7024555B2 (en) * | 2001-11-01 | 2006-04-04 | Intel Corporation | Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment |
US20030097591A1 (en) | 2001-11-20 | 2003-05-22 | Khai Pham | System and method for protecting computer users from web sites hosting computer viruses |
US6772345B1 (en) | 2002-02-08 | 2004-08-03 | Networks Associates Technology, Inc. | Protocol-level malware scanner |
US20030221114A1 (en) * | 2002-03-08 | 2003-11-27 | International Business Machines Corporation | Authentication system and method |
US7676842B2 (en) | 2002-04-13 | 2010-03-09 | Computer Associates Think, Inc. | System and method for detecting malicious code |
US7139890B2 (en) | 2002-04-30 | 2006-11-21 | Intel Corporation | Methods and arrangements to interface memory |
US7191469B2 (en) | 2002-05-13 | 2007-03-13 | Green Border Technologies | Methods and systems for providing a secure application environment using derived user accounts |
US20040006706A1 (en) * | 2002-06-06 | 2004-01-08 | Ulfar Erlingsson | Methods and systems for implementing a secure application execution environment using derived user accounts for internet content |
US20040006715A1 (en) | 2002-07-05 | 2004-01-08 | Skrepetos Nicholas C. | System and method for providing security to a remote computer over a network browser interface |
US7260839B2 (en) * | 2002-07-08 | 2007-08-21 | Hitachi, Ltd. | System and method for secure wall |
US20040039944A1 (en) * | 2002-07-08 | 2004-02-26 | Teiji Karasaki | System and method for secure wall |
US6663000B1 (en) | 2002-08-01 | 2003-12-16 | Networks Associates Technology, Inc. | Validating components of a malware scanner |
US7146640B2 (en) * | 2002-09-05 | 2006-12-05 | Exobox Technologies Corp. | Personal computer internet security system |
US7024581B1 (en) * | 2002-10-09 | 2006-04-04 | Xpoint Technologies, Inc. | Data processing recovery system and method spanning multiple operating system |
US7849310B2 (en) * | 2002-11-18 | 2010-12-07 | Arm Limited | Switching between secure and non-secure processing modes |
US20040199763A1 (en) * | 2003-04-01 | 2004-10-07 | Zone Labs, Inc. | Security System with Methodology for Interprocess Communication Control |
US20040230794A1 (en) * | 2003-05-02 | 2004-11-18 | Paul England | Techniques to support hosting of a first execution environment by a second execution environment with protection for the first execution environment |
US20040267929A1 (en) * | 2003-06-27 | 2004-12-30 | Servgate Technologies, Inc | Method, system and computer program products for adaptive web-site access blocking |
US20050005153A1 (en) * | 2003-06-30 | 2005-01-06 | Kaustubh Das | Processor based system and method for virus detection |
US20050149726A1 (en) * | 2003-10-21 | 2005-07-07 | Amit Joshi | Systems and methods for secure client applications |
US7694328B2 (en) | 2003-10-21 | 2010-04-06 | Google Inc. | Systems and methods for secure client applications |
US20050091661A1 (en) * | 2003-10-24 | 2005-04-28 | Kurien Thekkthalackal V. | Integration of high-assurance features into an application through application factoring |
US7730318B2 (en) | 2003-10-24 | 2010-06-01 | Microsoft Corporation | Integration of high-assurance features into an application through application factoring |
US7421689B2 (en) | 2003-10-28 | 2008-09-02 | Hewlett-Packard Development Company, L.P. | Processor-architecture for facilitating a virtual machine monitor |
US20050198692A1 (en) * | 2004-03-02 | 2005-09-08 | International Business Machines Corporation | System and method of protecting a computing system from harmful active content in documents |
US7596694B1 (en) | 2004-03-08 | 2009-09-29 | Hewlett-Packard Development Company, L.P. | System and method for safely executing downloaded code on a computer system |
US7401230B2 (en) | 2004-03-31 | 2008-07-15 | Intel Corporation | Secure virtual machine monitor to tear down a secure execution environment |
US20050240810A1 (en) | 2004-04-06 | 2005-10-27 | Safford Kevin D | Off-chip lockstep checking |
US7373505B2 (en) | 2004-04-15 | 2008-05-13 | Microsoft Corporation | Displaying a security element with a browser window |
US7565522B2 (en) | 2004-05-10 | 2009-07-21 | Intel Corporation | Methods and apparatus for integrity measurement of virtual machine monitor and operating system via secure launch |
US20060004667A1 (en) | 2004-06-30 | 2006-01-05 | Microsoft Corporation | Systems and methods for collecting operating system license revenue using an emulated computing environment |
US7484247B2 (en) * | 2004-08-07 | 2009-01-27 | Allen F Rozman | System and method for protecting a computer system from malicious software |
US7854008B1 (en) * | 2007-08-10 | 2010-12-14 | Fortinet, Inc. | Software-hardware partitioning in a virus processing system |
Non-Patent Citations (48)
Title |
---|
"A Flexible Containment Mechanism for Executing Untrusted Code" by David Peterson, Matt Bishop, and Raju Pandey, Department of Computer Science University of California, Davis USENIX Security Symposium San Francisco, California, USA Aug. 5-9, 2002. |
"A Sandbox Operating System Environment for Controlled Execution of Alien Code." by Asit Dan, Ajay Mohindra, Rajiv Ramaswami, and Dinkar Sitaram IBM Research Division T.J. Watson Research Center Yorktown Heights, New York RC 20742 (Feb. 20, 1997) Computer Science IBM Research Report. |
"A Secure Environment for Untrusted Helper Applications (Confining the Wily Hacker)." by Ian Goldberg, David Wagner, Randi Thomas, and Eric Brewer, Computer Science Division, University of California, Berkeley, Sixth USENIX UNIX Security Symposium San Jose, California, Jul. 1996. |
"A Virtual Machine Introspection Based Architecture for Intrusion Detection" by Tal Garfinkel and Mendel Rosenblum, Computer Science Department, Stanford University 2003. |
"Application-Controlled Physical Memory using External Page-Cache Management." by Keiran Harty and David R. Cheriton, Computer Science Department, Stanford University, 1992. |
"Architecture of Virtual Machines" by R. P. Goldberg, Honeywell Information Systems, Inc. and Harvard University Presented at the AFIPS National Computer Conference, New York, New York, Jun. 4-8, 1973. |
"Beyond Viruses: Why Anti-Virus Software is No Longer Enough" by David Stang PhD, Pest Patrol, 2002. |
"Building a Secure Web Browser" by Sotiris Ioannidis, Steven M. Bellovin, 2001 USENIX Annual Technical Conference Boston, Massachusetts, USA Jun. 25-30, 2001. |
"Building Systems that Flexibly Control Downloaded Executable Context." by Trent Jaeger and Atul Prakash, Software Systems Research Lab, University of Michigan and Aviel D. Rubin, Security Research Group, Bellcore Sixth USENIX UNIX Security Symposium San Jose, California, Jul. 1996. |
"Design of the EROS Trusted Window System" by Jonathan S. Shapiro, John Vanderburgh, Eric Northrup, Systems Research Laboratory Johns Hopkins University, and, David Chizmadia, Promia, Inc. 2004. |
"Efficient Software-Based Fault Isolation." by Robert Wahbe, Steven Lucco, Thomas Anderson, Susan Graham, Computer Science Division University of California, Berkeley, SIGOPS 1993. |
"Flexible Control of Downloaded Executable Content." by Trent Jaeger and Jochen Liedtke and Nayeem Islam, IBM Thomas J. Watson Research Center, and Atul Prakash University of Michigan, Ann Arbor ACM Transactions on Information and System Security, vol. 2, No. 2, May 1999, pp. 177-228. |
"J2ME Building Blocks for Mobile Devices: White Paper on KVM and the Connected, Limited Device Configuration." Sun Microsystems May 19, 2000. |
"Java Security: From HotJava to Netscape and Beyond." by Drew Dean, Edward W. Felten, Dan S. Wallach Department of Computer Science, Princeton University, Princeton, NJ 08544 1996 IEEE Symposium on Security and Privacy, Oakland, CA, May 6-8, 1996. |
"ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay" by George W. Dunlap, Samuel T. King, Sukru Cinar, Murtaza A. Basrai, Peter M. Chen, Department of Electrical Engineering and Computer Science, University of Michigan Proceedings of the 2002 Symposium on Operating Systems Design and Implementation (OSDI). |
"Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies." by Vinod Anupam and Alain Mayer, Bell Laboratories, Lucent Technologies 7th USENIX Security Symposium San Antonio, Texas, Jan. 26-29, 1998. |
"Software Security and Privacy Risks in Mobile E-Commerce" by Anup K. Ghosh and Tara M. Swaminatha, Communications of the ACM Feb. 2001 vol. 44, No. 2. |
"Spyware, Adware, and Peer to Peer Networks; The Hidden Threat to Corporate Security" by Kevin Townsend, Pest Patrol, 2003. |
"Survey of System Virtualization Techniques." by Robert Rose Mar. 8, 2004. |
"Terra: A Virtual Machine-Based Platform for Trusted Computing" by Tal Garfinkel, Ben Pfaff, Jim Chow, Dan Boneh and Mendel Rosenblum, Computer Science Department, Stanford University SOSP'03, Oct. 19-22, 2003, Bolton Landing, New York, USA. |
"The Duality of Memory and Communication in the Implementation of a Multiprocessor Operating System." by Michael Young, Avadis Tevanian, Richard Rasheed, David Golub, Jeffery Eppinger, Jonathan Crew, William Bolosky, David Black and Robert Baron, Computer Science Department Carnegie-Mellon University Proceedings of the 11th Operating Systems Principles, Nov. 1987. |
"The Web: Threat or Menace?" From "Firewalls and Internet Security: Repelling the Wiley Hacker", Second Edition, Addison-Wesley, ISBN 0-201-63466-X, 2003 ©. |
"The Web: Threat or Menace?" from "Firewalls and Internet Security: Repelling the Wiley Hacker", Second Edition, Addison-Wesley, ISBN 0-201-63466-X, 2003. |
"TRON: Process-Specific File Protection for the UNIX Operating System." by Andrew Berman, Virgil Bourassa, Erik Selberg, Department of Computer Science and Engineering, University of Washington, Jan. 23, 1995. |
"Trusted Paths for Browsers: An Open-Source Solution to Web Spoofing" by Zishuang (Eileen) Ye and Sean Smith Department of Computer Science Dartmouth College Technical Report TR2002-418 Feb. 4, 2002. |
"User Interaction Design for Secure Systems" by Ka-Ping Yee Proceedings of the 4th International Conference on Information and Communications Security table of contents pp. 278-290, 2002, ISBN:3-540-00164-6. |
"User-level Resource-constrained Sandboxing" by Fangzhe Chang, Ayal Itzkovitz, and Vijay Karamcheti Department of Computer Science, Courant Institute of Mathematical Sciences, New York University USENIX Windows System Symposium, Aug. 2000. |
"Verifying the EROS Confinement Mechanism" by Jonathan S. Shapiro and San Weber IBM T.J. Watson Research Center 0-7695-0665-8/00 2000 IEEE. |
"Virtual Memory in Contemporary Microprocessors." by Bruce Jacob University of Maryland and Trevor Mudge University of Michigan, IEEE MICRO Jul.-Aug. 1998. |
"Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor" by Jeremy Sugerman, Ganesh Venkitachalam and Beng-Hong Lim, VMware, Inc. 3145 Porter Dr, Palo Alto, CA 943042001 USENIX Annual Technical Conference Boston, Massachusetts, USA Jun. 25-30, 2001. |
"Vulnerability of Secure Web Browsers." by Flavio De Paoli, Andre Dos Santos, Richard Kemmerer Reliable Software Group Computer Science Department, University of California, Santa Barbara, 1997. |
"When Virtual Is Better Than Real" by Peter M. Chen and Brian D. Noble, Department of Electrical Engineering and Computer Science University of Michigan, 2001. |
"WindowBox: A Simple Security Model for the Connected Desktop" by Dirk Balfanz, Princeton University and Daniel R. Simon, Microsoft Research, 2000. |
"Xen and the Art of Virtualization" by Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebaurey, Ian Pratt, Andrew Warfield University of Cambridge Computer Laboratory 15 JJ Thomson Avenue, Cambridge, UK, CB3 0FD SOSP'03, Oct. 19-22, 2003, Bolton Landing, New York, USA. |
David A. Wagner, "Janus: an approach for confinement of untrusted applications." Master's thesis, University of California, Berkeley, 1999.. Also available, Technical Report CSD-99/1056, UC Berkeley, Computer Science Division. http://www.cs.berkeley.edu/~-daw/papers/janus-masters.ps. |
David A. Wagner, "Janus: an approach for confinement of untrusted applications." Master's thesis, University of California, Berkeley, 1999.. Also available, Technical Report CSD-99/1056, UC Berkeley, Computer Science Division. http://www.cs.berkeley.edu/˜-daw/papers/janus-masters.ps. |
David Stang, PhD; "Beyond Viruses: Why Anti-Virus Software is No Longer Enough", © Pest Patrol 2002. |
Kevin Townsend; "Spyware, Adware, and Peer to Peer Networks; The Hidden Threat to Corporate Security" © Pest Patrol, 2003. |
M. Schmid, F. Hill, A. Ghosh, "Protecting Data from Malicious Software." Annual Computer Security Applications Conference (ACSAC'02), Las Vegas, NV, Dec. 2002. |
Marc Stiegler and Mark Miller, Report Name: "A Capability Based Client: The Darpa Browser" Combex/Focused Research Topic 5/BAA-00-06-SNK, Nov. 18, 2002. |
Microsoft® Virtual PC 2004 Technical Overview by Jerry Honeycutt Published Nov. 2003 http://download.microsoft.com/download/c/f/b/cfb100a7-463d-4b86-ad62-064397178b4f/Virtual-PC-Technical-Overview.doc. |
Nimisha V. Mehta, Karen R. Sollins, "Expanding and Extending the Security Features of Java." Proceedings of the 7th USENIX Security Symposium, San Antonio, Texas, Jan. 26-29, 1998. |
Richard West and Jason Gloudon, "User-Level Sandboxing: a Safe and Efficient Mechanism for Extensibility", Technical Report, 2003-014, Boston University, Jun. 2003. |
Shaya Potter, Jason Nieh, Dinesh Subhraveti, "Secure Isolation and Migration of Untrusted Legacy Applications." Columbia University Technical Report CUCS-005-04, Jan. 2004. |
Sotiris loannidis and Steven M. Bellovin. "Sub-Operating Systems: A New Approach to Application Security." Technical Report MS-CIS-01-06, University of Pennsylvania, Feb. 2000. |
T. Jaeger, A. D. Rubin, and A. Prakash. "Building systems that flexibly control downloaded executable content." In Proceedings of the 1996 USENIX Security Symposium, pp. 131-148, San Jose, CA., 1996. |
Valentin Razmov "Security in Untrusted Code Environments: Missing Pieces of the Puzzle." Dept. of Computer Science and Engineering, University of Washington, Mar. 30, 2002. |
White Paper: "Smart Phone Security Issues" by Luc Delpha and Maliha Rasheed, Cyber Risk Consulting Blackhat Briefings Europe May 2004. |
Cited By (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10061922B2 (en) * | 2012-04-30 | 2018-08-28 | Verint Systems Ltd. | System and method for malware detection |
US11316878B2 (en) | 2012-04-30 | 2022-04-26 | Cognyte Technologies Israel Ltd. | System and method for malware detection |
US20130347114A1 (en) * | 2012-04-30 | 2013-12-26 | Verint Systems Ltd. | System and method for malware detection |
US8938796B2 (en) | 2012-09-20 | 2015-01-20 | Paul Case, SR. | Case secure computer architecture |
US9122633B2 (en) | 2012-09-20 | 2015-09-01 | Paul Case, SR. | Case secure computer architecture |
US8646084B1 (en) | 2012-09-28 | 2014-02-04 | Kaspersky Lab Zao | Securing file launch activity utilizing safety ratings |
US10198427B2 (en) | 2013-01-29 | 2019-02-05 | Verint Systems Ltd. | System and method for keyword spotting using representative dictionary |
US11038907B2 (en) | 2013-06-04 | 2021-06-15 | Verint Systems Ltd. | System and method for malware detection learning |
US9923913B2 (en) | 2013-06-04 | 2018-03-20 | Verint Systems Ltd. | System and method for malware detection learning |
US10592063B1 (en) | 2013-12-09 | 2020-03-17 | Google Llc | Controlling actions for browser extensions |
US9870116B1 (en) | 2013-12-09 | 2018-01-16 | Google Llc | Controlling actions for browser extensions |
US11463360B2 (en) | 2014-07-24 | 2022-10-04 | Cognyte Technologies Israel Ltd. | System and method for range matching |
US10630588B2 (en) | 2014-07-24 | 2020-04-21 | Verint Systems Ltd. | System and method for range matching |
US11432139B2 (en) | 2015-01-28 | 2022-08-30 | Cognyte Technologies Israel Ltd. | System and method for combined network-side and off-air monitoring of wireless networks |
US10560842B2 (en) | 2015-01-28 | 2020-02-11 | Verint Systems Ltd. | System and method for combined network-side and off-air monitoring of wireless networks |
US10142426B2 (en) | 2015-03-29 | 2018-11-27 | Verint Systems Ltd. | System and method for identifying communication session participants based on traffic patterns |
US10623503B2 (en) | 2015-03-29 | 2020-04-14 | Verint Systems Ltd. | System and method for identifying communication session participants based on traffic patterns |
US11386135B2 (en) | 2015-10-22 | 2022-07-12 | Cognyte Technologies Israel Ltd. | System and method for maintaining a dynamic dictionary |
US10546008B2 (en) | 2015-10-22 | 2020-01-28 | Verint Systems Ltd. | System and method for maintaining a dynamic dictionary |
US10614107B2 (en) | 2015-10-22 | 2020-04-07 | Verint Systems Ltd. | System and method for keyword searching using both static and dynamic dictionaries |
US11093534B2 (en) | 2015-10-22 | 2021-08-17 | Verint Systems Ltd. | System and method for keyword searching using both static and dynamic dictionaries |
US11381977B2 (en) | 2016-04-25 | 2022-07-05 | Cognyte Technologies Israel Ltd. | System and method for decrypting communication exchanged on a wireless local area network |
US10491609B2 (en) | 2016-10-10 | 2019-11-26 | Verint Systems Ltd. | System and method for generating data sets for learning to identify user actions |
US11303652B2 (en) | 2016-10-10 | 2022-04-12 | Cognyte Technologies Israel Ltd | System and method for generating data sets for learning to identify user actions |
US10944763B2 (en) | 2016-10-10 | 2021-03-09 | Verint Systems, Ltd. | System and method for generating data sets for learning to identify user actions |
US11336738B2 (en) | 2017-04-30 | 2022-05-17 | Cognyte Technologies Israel Ltd. | System and method for tracking users of computer applications |
US10972558B2 (en) | 2017-04-30 | 2021-04-06 | Verint Systems Ltd. | System and method for tracking users of computer applications |
US11095736B2 (en) | 2017-04-30 | 2021-08-17 | Verint Systems Ltd. | System and method for tracking users of computer applications |
US11575625B2 (en) | 2017-04-30 | 2023-02-07 | Cognyte Technologies Israel Ltd. | System and method for identifying relationships between users of computer applications |
US11336609B2 (en) | 2018-01-01 | 2022-05-17 | Cognyte Technologies Israel Ltd. | System and method for identifying pairs of related application users |
US10958613B2 (en) | 2018-01-01 | 2021-03-23 | Verint Systems Ltd. | System and method for identifying pairs of related application users |
US11403559B2 (en) | 2018-08-05 | 2022-08-02 | Cognyte Technologies Israel Ltd. | System and method for using a user-action log to learn to classify encrypted traffic |
US11444956B2 (en) | 2019-03-20 | 2022-09-13 | Cognyte Technologies Israel Ltd. | System and method for de-anonymizing actions and messages on networks |
US10999295B2 (en) | 2019-03-20 | 2021-05-04 | Verint Systems Ltd. | System and method for de-anonymizing actions and messages on networks |
US11399016B2 (en) | 2019-11-03 | 2022-07-26 | Cognyte Technologies Israel Ltd. | System and method for identifying exchanges of encrypted communication traffic |
Also Published As
Publication number | Publication date |
---|---|
USRE43528E1 (en) | 2012-07-17 |
USRE43987E1 (en) | 2013-02-05 |
USRE43500E1 (en) | 2012-07-03 |
US7484247B2 (en) | 2009-01-27 |
USRE43103E1 (en) | 2012-01-10 |
US20060031940A1 (en) | 2006-02-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
USRE43529E1 (en) | System and method for protecting a computer system from malicious software | |
US11604861B2 (en) | Systems and methods for providing real time security and access monitoring of a removable media device | |
US9509713B2 (en) | Browsing support infrastructure with tiered malware support | |
AU2014393471B2 (en) | Systems and methods for using a reputation indicator to facilitate malware scanning | |
US8225404B2 (en) | Trusted secure desktop | |
US7725737B2 (en) | System and methodology providing secure workspace environment | |
US20040034794A1 (en) | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages | |
US20070240212A1 (en) | System and Methodology Protecting Against Key Logger Spyware | |
US20030159070A1 (en) | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages | |
US7665139B1 (en) | Method and apparatus to detect and prevent malicious changes to tokens | |
US20130061323A1 (en) | System and method for protecting against malware utilizing key loggers | |
Kienzle et al. | Security patterns repository version 1.0 | |
US7712135B2 (en) | Pre-emptive anti-virus protection of computing systems | |
GB2411988A (en) | Preventing programs from accessing communication channels withut user permission | |
WO2009094372A1 (en) | System and method for protecting data accessed through a network connection | |
US20090198994A1 (en) | Updated security system | |
Pham et al. | Universal serial bus based software attacks and protection solutions | |
US8171552B1 (en) | Simultaneous execution of multiple anti-virus programs | |
US9602538B1 (en) | Network security policy enforcement integrated with DNS server | |
Iglio | Trustedbox: a kernel-level integrity checker | |
Martsenyuk et al. | Features of multifunctional Backdoor technology in the personal space of users. | |
GB2411747A (en) | Remotely checking the functioning of computer security systems | |
CA2424144A1 (en) | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages | |
Schwendemann | ERNW NEWSLETTER 55/SEPTEMBER 2016 | |
Kunle et al. | Current Survey of Computer Malwares Infestation and Inhibition |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CIOFFI, ALFONSO, TEXAS Free format text: LETTERS OF TESTAMENTARY;ASSIGNOR:ROZMAN, ALLEN FRANK;REEL/FRAME:034499/0346 Effective date: 20121029 |
|
AS | Assignment |
Owner name: ROZMAN, MORGAN LEE, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CIOFFI, ALFONSO;REEL/FRAME:034385/0958 Effective date: 20141114 Owner name: ROZMAN, MEGAN ELIZABETH, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CIOFFI, ALFONSO;REEL/FRAME:034385/0958 Effective date: 20141114 Owner name: ROZMAN, MELANIE ANN, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CIOFFI, ALFONSO;REEL/FRAME:034385/0958 Effective date: 20141114 |
|
CBM | Aia trial proceeding filed before patent trial and appeal board: covered business methods |
Free format text: TRIAL NO: CBM2017-00016 Opponent name: GOOGLE INC. Effective date: 20161104 Free format text: TRIAL NO: CBM2017-00009 Opponent name: GOOGLE INC. Effective date: 20161104 |
|
RR | Request for reexamination filed |
Effective date: 20170607 |
|
AS | Assignment |
Owner name: ROZMAN, MORGAN LEE, TEXAS Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE CONVEYING PARTY DATA TO READ ALLEN FRANK ROZMAN (DECEASED) REPRESENTED BY ALFONSO CIOFFI (EXECUTOR OF ESTATE) PREVIOUSLY RECORDED ON REEL 034385 FRAME 0958. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:ALLEN FRANK ROZMAN (DECEASED) REPRESENTED BY ALFONSO CIOFFI (EXECUTOR OF ESTATE);REEL/FRAME:052994/0740 Effective date: 20141114 Owner name: ROZMAN, MEGAN ELIZABETH, TEXAS Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE CONVEYING PARTY DATA TO READ ALLEN FRANK ROZMAN (DECEASED) REPRESENTED BY ALFONSO CIOFFI (EXECUTOR OF ESTATE) PREVIOUSLY RECORDED ON REEL 034385 FRAME 0958. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:ALLEN FRANK ROZMAN (DECEASED) REPRESENTED BY ALFONSO CIOFFI (EXECUTOR OF ESTATE);REEL/FRAME:052994/0740 Effective date: 20141114 Owner name: ROZMAN, MELANIE ANN, TEXAS Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE CONVEYING PARTY DATA TO READ ALLEN FRANK ROZMAN (DECEASED) REPRESENTED BY ALFONSO CIOFFI (EXECUTOR OF ESTATE) PREVIOUSLY RECORDED ON REEL 034385 FRAME 0958. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:ALLEN FRANK ROZMAN (DECEASED) REPRESENTED BY ALFONSO CIOFFI (EXECUTOR OF ESTATE);REEL/FRAME:052994/0740 Effective date: 20141114 |
|
FEPP | Fee payment procedure |
Free format text: 11.5 YR SURCHARGE- LATE PMT W/IN 6 MO, SMALL ENTITY (ORIGINAL EVENT CODE: M2556); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2553); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY Year of fee payment: 12 |
|
LIMR | Reexamination decision: claims changed and/or cancelled |
Kind code of ref document: C1 Free format text: REEXAMINATION CERTIFICATE; THE PATENTABILITY OF CLAIMS 21-48, 50-52, 54-56 AND 62 IS CONFIRMED. CLAIMS 1-20 WERE PREVIOUSLY CANCELLED. CLAIMS 53, 57-61 AND 63-65 ARE CANCELLED. CLAIM 49 WAS NOT REEXAMINED. Filing date: 20170607 Effective date: 20231221 |