WO1997012321A1 - Virus detection and removal apparatus for computer networks - Google Patents
Virus detection and removal apparatus for computer networks Download PDFInfo
- Publication number
- WO1997012321A1 WO1997012321A1 PCT/US1996/015348 US9615348W WO9712321A1 WO 1997012321 A1 WO1997012321 A1 WO 1997012321A1 US 9615348 W US9615348 W US 9615348W WO 9712321 A1 WO9712321 A1 WO 9712321A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- mail message
- virus
- proxy server
- server
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/564—Static detection by virus signature recognition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/06—Message adaptation to terminal or network requirements
- H04L51/063—Content adaptation, e.g. replacement of unsuitable content
Definitions
- the present invention relates generally to computer systems and computer networks.
- the present invention relates to a system and method for detecting and removing computer viruses.
- the present invention relates to a system and method for detecting and removing computer viruses from file and message transfers between computer networks.
- FIG. 1 a block diagram of a portion of a prior art information system 20 is shown.
- the portion of the information system 20 shown comprises a first network 22, a second network 24 and third network 26.
- This information system 20 is provided only by way of example, and those skilled in the art will realize that the information system 20 may include any number of networks, each of the networks being its own protected domain and having any number of nodes.
- each of the networks 22, 24, 26 is formed from a plurality of nodes 30, 32.
- Each of the nodes 30, 32 is preferably a microcomputer.
- the nodes 30, 32 are coupled together to form a network by a plurality of network connections 36.
- the nodes 30, 32 may be connected together using a token ring format, ethernet format or any of the various other formats known in the art.
- Each of the networks 22, 24, 26 includes a node 32 that acts as a gateway to link the respective network 22, 24, 26 to other networks 22, 24, 26.
- Each of the gateway nodes 32 is preferably coupled by a standard telephone line connection 34 such as POTS (Plain Old Telephone Service) or a T-l link to the other gateway nodes 32 through a telephone switching network 28. All communication between the networks 22, 24, 26 is preferably performed through one of the gateway nodes 32.
- a computer virus is a section of code that is buried or hidden in another program. Once the program is executed, the code is activated and attaches itself to other programs in the system. Infected programs in turn copy the code to other programs. The effect of such viruses can be simple pranks that cause a message to be displayed on the screen or more serious effects such as the destruction of programs and data.
- Another problem in the prior art is worms. Worms are destructive programs that replicate themselves throughout disk and memory using up all available computer resources eventually causing the computer system to crash. Obviously, because of the destructive nature of worms and viruses, there is a need for eliminating them from computers and networks.
- virus detection method commonly referred to as behavior interception
- behavior interception monitors the computer or system for important operating system functions such as write, erase, format disk, etc.
- the program prompts the user for input as to whether such an operation is expected. If such an operation is not expected (e.g., the user was not operating any program that employed such a function), the user can abort the operation knowing it was being prompted by a virus program.
- signature scanning scans program code that is being copied onto the system. The system searches for known patterns of program code used for viruses. Currently, signature scanning only operates on the floppy disk drives, hard drives or optical drives.
- a system including the present invention is a network formed of a plurality of nodes and a gateway node for connection to other networks.
- the nodes are preferably microcomputers, and the gateway node comprises: a display device, a central processing unit, a memory forming the apparatus of the present invention, an input device, a network link and a communications unit.
- the memory further comprises an operating system including a kernel, a File Transfer Protocol (FTP) proxy server, and a Simple Mail Transfer Protocol (SMTP) proxy server.
- the central processing unit, display device, input device, and memory are coupled and operate to execute the application programs stored in the memory.
- the central processing unit of the gateway node also executes the FTP proxy server for transmitting and receiving files over the communications unit, and executes the SMTP proxy server for transmitting and receiving messages over the communications unit.
- the FTP proxy server and SMTP proxy server are preferably executed concurrently with the normal operation of the gateway node.
- the servers advantageously operate in a manner such that viruses transmitted to or from the network in messages and files are detected before the files are transferred into or from the network.
- the gateway node of the present invention is particularly advantageous because the impact of using the FTP proxy server and SMTP proxy server for the detection of viruses is minimized because only the files leaving or entering the network are evaluated for the presence of viruses and all other "intra"network traffic is unaffected.
- the present invention also comprises a method for processing a file before transmission into the network and a method for processing a file before transmission from the network.
- the preferred method for processing a file comprises the steps of: receiving the data transfer command and file name; transferring the file to the proxy server; performing virus detection on the file; determining whether the file contains any viruses; transferring the file from the proxy server to a recipient node if the file does not contain a virus; and performing a preset action with the file if it does contain a virus.
- the present invention also includes methods for processing messages before transmission to or from the network that operate in a similar manner.
- Figure 1 is a block diagram of a prior art information system with a plurality of networks and a plurality of nodes upon which the present invention operates;
- Figure 2 is a block diagram of a preferred embodiment for a gateway node including the apparatus of the present invention;
- FIG. 3 is a block diagram of a preferred embodiment for a memory of the gateway node including the apparatus of the present invention
- Figure 4 is a block diagram of a preferred embodiment for a protocol layer hierarchy constructed according to the present invention compared to the OSI layer model of the prior art;
- Figure 5A is a functional block diagram showing a preferred system for sending data files according to a preferred embodiment of the present invention
- Figure 5B is a functional block diagram showing a preferred system for receiving data files according to a preferred embodiment of the present invention
- Figures 6A, 6B and 6C are a flowchart of the preferred method for performing file transfer according to the present invention
- Figure 7 is a functional block diagram showing a preferred system for transmitting mail messages according to a preferred embodiment of the present invention.
- Figures 8A and 8B are a flow chart of a preferred method for sending messages to /from a network.
- the virus detection system and method of the present invention preferably operates on an information system 20 as has been described above with reference to Figure 1.
- the present invention like the prior art, preferably includes a plurality of node systems 30 and at least one gateway node 33 for each network 22, 24, 26.
- the present invention is different from the prior art because it provides novel gateway node 33 that also performs virus detection for all files being transmitted into or out of a network. Furthermore, the novel gateway node 33 also performs virus detection on all messages being transmitted into or out of an associated network.
- a preferred embodiment of the gateway node 33 comprises a display device 40, a central processing unit (CPU) 42, a memory 44, a data storage device 46, an input device 50, a network link 52, and a communications unit 54.
- the CPU 42 is connected by a bus 56 to the display device 40, the memory 44, the data storage device 46, the input device 50, the network link 52, and the communications unit 54 in a von Neumann architecture.
- the CPU 42, display device 40, input device 50, and memory 44 may be coupled in a conventional manner such as a personal computer.
- the CPU 42 is preferably a microprocessor such as an Motorola 68040 or Intel Pentium or X86 type processor; the display device 40 is preferably a video monitor; and the input device 50 is preferably a keyboard and mouse type controller.
- the CPU 42 is also coupled to the data storage device 44 such as a hard disk drive in a conventional manner.
- the gateway node 33 may also be a mini-computer or a mainframe computer.
- the bus 56 is also coupled to the network link 52 to facilitate communication between the gateway node 33 and the other nodes 30 of the network.
- the network link 52 is preferably a network adapter card including a transceiver that is coupled to a cable or line 36.
- the network link 52 may be an ethernet card connected to a coaxial line, a twisted pair line or a fiber optic line.
- the network link 52 is responsible for sending, receiving, and storing the signals sent over the network or within the protected domain of a given network.
- the network link 52 is coupled to the bus 56 to provide these signals to the CPU 34 and vice versa.
- the bus 56 is also coupled to the communications unit 54 to facilitate communication between the gateway node 33 and the other networks.
- the communications unit 54 is coupled to the CPU 42 for sending data and message to other networks.
- the communications unit 54 may be a modem, a bridge or a router coupled to the other networks in a conventional manner.
- the communications unit 54 is preferably a router.
- the communications unit 54 is in turn coupled to other networks via a media 34 such as a dedicated T-l phone line, fiber optics, or any one of a number of conventional connecting methods.
- the CPU 42 under the guidance and control of instructions received from the memory 44 and from the user through the input device 50, provides signals for sending and receiving data using the communications unit 54.
- the transfer of data between networks is broken down into the sending and receiving files and messages which in turn are broken down into packets.
- the methods of the present invention employ a virus detection scheme that is applied to all transfers of messages and files into or out of a network via its gateway node 33.
- the memory 44 is preferably a random access memory (RAM), but may also include read-only memory (ROM).
- the memory 44 preferably comprises a File Transfer Protocol (FTP) proxy server 60, a Simple Mail Transfer Protocol (SMTP) proxy server 62, and an operating system 64 including a kernel 66.
- the routines of the present invention for detecting viruses in file transfers and messages primarily include the FTP proxy server 60 and the SMTP proxy server 62.
- the FTP proxy server 60 is a routine for controlling file transfers to and from the gateway node 33 via the communications unit 54, and thus controlling file transfers to and from a given network of which the gateway node is a part. The operation of the FTP proxy server 60 is described below in more detail with reference to Figures 5 A, 5B, 6 A, 6B and 6C.
- the SMTP proxy server 62 is a routine for controlling the transfer of messages to and from the gateway node 33, and thus to and from the respective network associated with the gateway node 33.
- the operation of the SMTP proxy server 62 is described below in more detail with reference to Figure 7 8A and 8B.
- the present invention preferably uses a conventional operating system 28 such as Berkeley Software Distribution UNIX. Those skilled in the art will realize how the present invention may be readily adapted for use with other operating systems such as Macintosh System Software version 7.1, DOS , Windows or Windows NT.
- the memory 44 may also include a variety of different application programs 68 including but not limited to computer drawing programs, word processing programs, and spreadsheet programs.
- the present invention is particularly advantageous over the prior because it minimizes the impact of virus detection and elimination since the FTP proxy server 60 and SMTP proxy server 62 are preferably only included or installed in the memory 44 of the gateway nodes 33. Thus, all data being transferred inside the protected domain of a given network will not be checked because the data packets might not be routed via the gateway node 33.
- the apparatus of the present invention in particular the FTP proxy server 60 and SMTP proxy server 62, has been described above as being located and preferably is located on the gateway node 33, those skilled in the art will realize that the apparatus of the present invention could also be included on a FTP server or a world wide web server for scanning files and messages as they are downloaded from the web. Furthermore, in an alternate embodiment, the apparatus of the present invention may be included in each node of a network for performing virus detection on all messages received or transmitted from that node.
- the CPU 42 also utilizes a protocol layer hierarchy to communicate over the network.
- the protocol layers of the hierarchy of the present invention are shown in Figure 4 in comparison to the ISO-OSI reference model, for example.
- the protocol layers 410-426 of the hierarchy of the present invention are similar to the prior art protocol layers for the lower four layers 400- 403 including: (1) a physical layer 400 formed of the transmission media 410; (2) a data link layer 401 formed of the network interface cards 411; (3) a network layer 402 formed of address resolution 412, Internet protocol 413 and Internet control message protocol 414; and (4) a transport layer 403 formed of the transmission control protocol 415 and a user datagram protocol 416.
- the protocol hierarchy of the present invention provides four methods of communication: a file transfer protocol 417, a simple mail transfer protocol 419, a TELNET protocol 419 and a simple network management protocol 420.
- the present invention advantageously detects, controls and eliminates viruses by providing an additional layer between the application layer 406 and the presentation layer 405 for the gateway nodes 33.
- a FTP proxy server layer 421 and a SMTP proxy server layer 422 are provided.
- These layers 421, 422 operate in conjunction with the file transfer layer 423 and file transfer protocol 417, and the electronic mail layer 424 and the SMTP protocol layer 418, to process file transfers and messages, respectively.
- any file transfer requests are generated by the file transfer application 423, first processed by the FTP proxy server layer 421, then processed by the file transfer protocol 417 and other lower layers 415, 413, 411 until the data transfer is actually applied to the transmission media 410.
- any messaging requests are first processed by the SMTP proxy server layer 418, and thereafter processed by the SMTP protocol and other lower layers 415, 413, 411 until the physical layer is reached.
- the present invention is particularly advantageous because all virus screening is performed below the application level.
- the applications are unaware that such virus detection and elimination is being performed, and these operations are completely transparent to the operation of the application level layers 406.
- the FTP proxy server layer 421 and the SMTP proxy server layer 422 have been shown in Figure 4 as being their own layer to demonstrate the coupling effects they provide between the file transfer layer 423 and file transfer protocol 417, and the electronic mail layer 424 and the SMTP protocol layer 418, those skilled in the art will realize that the FTP proxy server layer 421 and the SMTP proxy server layer 422 can also be correctly viewed as being part of the file transfer protocol layer 417 and the SMTP protocol layer 418, respectively, because they are invisible or transparent to the application layer 406.
- FIG. 5A and 5B graphically show the functions performed by an Internet daemon 70, the FTP proxy server 60, and an FTP daemon 78, each of which resides on the gateway note 33.
- FIGs 5A and 5B like reference numbers have been used for like parts and the figures are different only in the direction in which the file is being transferred (either from client task 72 to server task 82 or from server task 82 to client task 72).
- FIG. 5A and 5B For the sake of clarity and ease of understanding only the data ports are shown in Figures 5A and 5B, and the bi-directional lines represent command or control pathways and are assumed to include a command port although it is not explicitly shown.
- the operation FTP proxy server 60 will now be described with reference to a file transfer between a client task 72 (requesting machine) and a server task 82 (supplying machine). While it is assumed that the client task 72 (requesting machine) is inside a protected domain and the server task 82 (supplying machine) is outside the protected domain, the invention described below is also used by the gateway node 33 when client task 72 (requesting machine) is outside the protected domain and the server task 82 (supplying machine) is inside the protected domain.
- FIGS 6A-6C are a flowchart of a preferred method for performing file transfers from a controlled domain of a network across a medium 34 to another network (e.g., a file transfer from a node 32 of the second network 24 across the media 34 to a second node 32 of the third network 26).
- the method begins with step 600 with the client node sending a connection request over the network to the gateway node 33.
- the gateway node 33 preferably has an operating system 64 as described above, and part of the operating system 64 includes a fire wall, or program including routines for authenticating users.
- the gateway node 33 first tries to authenticate the user and decide whether to allow the connections requested, once the request is received. This is done in a conventional manner typically available as part of UNIX.
- the Internet daemon 70 creates an instance of the FTP proxy server 60 and passes the connection to the FTP proxy server 60 for servicing in step 602.
- the Internet daemon 70 is program that is part of the operating system 64, and it runs in the background. When being run, one of the functions of the Internet daemon 70 is to bind socket ports for many well-known services, such as TELNET, login, and FTP. When a connect request is detected, the
- the Internet daemon 70 constructed in accordance with the present invention, spawns the FTP proxy server 60, which is the server that will actually handle the data transfer. Thereafter, the FTP proxy server 60 controls the network traffic passing between the client task 72 and the server task 82. Then in step 604, the client node sends a data transfer request and file name, and established a first data port 76 through which the data will be transferred between the FTP proxy server 60 and the client task 72. In step 606 the data transfer request and file name are received by the FTP proxy server 60. In step 608, the FTP proxy server 60 determines whether the data is being transferred in an outbound direction (e.g., the file is being transferred from the client task 72 to the server task 82).
- an outbound direction e.g., the file is being transferred from the client task 72 to the server task 82.
- step 610 the FTP proxy server 60 determines whether the file to be transferred is of a type that can contain viruses. This step is preferably performed by checking the extension of the file name. For example, .txt, .bmd, .pcx and .gif extension files indicate that the file is not likely to contain viruses while .exe, .zip, and .com extension files are of the type that often contain viruses. If the file to be transferred is not of a type that can contain viruses, then the method continues in step 612.
- a second data port 80 is established and the data transfer request & the file are sent from the FTP proxy server 60 to the FTP daemon 78 so that the file can be sent to the server task 82.
- the FTP daemon 78 is a program executed by the gateway node 33 that communicates the transfer commands to the server task 82, establishes a third port 84 for sending the file including binding the server task 82 and FTP daemon 78 to the third port 84, and transmits the file to the server task 82. Once transmitted, the method is complete and ends. However, if it is determined in step 610 that the file to be transferred is of a type that can contain viruses, the method proceeds to step 614.
- the FTP proxy server 60 transfers the file from the client to the FTP proxy server 60 through the first port 76, and in step 616, the file is temporarily stored at the gateway node 33. Then in step 618, the temporarily stored file is analyzed to determine if it contains viruses. This is preferably done by invoking a virus-checking program on the temporarily stored file. For example, a program the performs a version of signature scanning virus detection such as PC-Cillin manufactured and sold by Trend Micro Devices Incorporated of Cupertino, California may be used. However, those skilled in the art will realize that various other virus detection methods may also be used in step 618.
- step 620 output of the virus checking program is preferably echoed to the user /client task 72 by the FTP proxy server 60 as part of a reply message.
- step 622 the method determines whether any viruses were detected. If no viruses are detected, the method continues in step 612 and transmits the file as has been described above. However, if a virus is detected, the present invention advantageously allows the FTP proxy server 60 to respond in any number of a variety of ways. The response of the FTP proxy server 60 is determined according to user's needs and wants as specified in a configuration file. This configuration file is preferably fully modifiable according to input from the user and stored in memory 44.
- step 624 the configuration file is retrieved to determine the handling of the temporary file.
- step 626 the FTP proxy server 60 determines if it is to ignore the existence of a virus and a continue the transfer.
- step 612 the file is passed to the FTP daemon 78 and the temporary file is deleted. If not the method continues to step 628 where either the file is deleted and not sent to the server task 82, and the temporary file is erased from the gateway node 33; or the file is renamed and stored in a specified directory on the gateway node 33 and the user is notified of the new file name and directory path which can used to manually request the file from the system administrator, and the temporary file is erased the gateway node 33.
- the action taken in step 628 depends on the configuration settings as determined in step 624. After step 628, the method ends. As can be seen from
- the path for the file is from client task 72 through the first data port 76 to the FTP proxy server 60, then to the FTP daemon 78 through the second data port 80 and finally to the server task 82 through the third data port 84.
- the method transitions from step 608 to step 640.
- Figure 6C in conjunction with Figure 5B, the process for transferring data into the protected domain of the network is described in more detail.
- the FTP proxy server 60 next sends the data transfer request and file name first to the FTP daemon 78 and then on to the server task 82.
- a second port 80 is established between the FTP proxy server 60 and the FTP daemon 78.
- a third data port 84 is established between the FTP daemon 78 and the server task 82. Both ports 80, 84 are established similar to the establishment of the first port 76.
- the FTP daemon 78 will request and obtain the third port 84 from the Internet daemon 70, and send a port command to the server task 82 including an address for the third port 84.
- the server task 82 will then connect to the third port 84 and begin the data transfer in step 644.
- the FTP daemon 78 in turn sends the file to the FTP proxy server 60.
- step 646 the FTP proxy server 60 determines whether the file to be transferred is of a type that can contain viruses. This is done the same was as described above with reference to step 610. If the file to be transferred is not of a type that can contain viruses, then the method continues in step 648 where the file is transferred from the FTP proxy server 60 through the first port 76 to the client task 72, then the method is complete and ends. On the other hand, if the file to be transferred is a type that can contain viruses, the method in step 650 temporarily stores the file at the gateway node. Then in step 652, the temporarily stored file is analyzed to determine if it contains viruses. The analysis here is the same as step 618.
- step 652 the output of the virus checking program is preferably echoed to the client task 72 by the FTP proxy server 60 as part of a reply message.
- step 656 the method determines whether any viruses were detected. If no viruses are detected, the method continues in step 648 as has been described above. However, if a virus is detected, the present invention retrieves the configuration file to determine the handling of the temporary file. In step 660, the FTP proxy server 60 determines if it is to ignore the existence of a virus and a continue the file transfer. If so the method continues in step 648 where the file is passed to the client task 72 and the temporary file is erased.
- step 662 the temporary file is erased, and the file is either deleted and not sent to the client task 72 or the file is renamed, stored on the gateway node 33, and the client task 72 is notified of new name and path so that the file may be manually retrieved by the system administrator.
- the method then ends.
- the data transfer request is passed from the client task 72, to the FTP proxy server 60, then to the FTP daemon 78, and to the server task 82 which in response sends the file through the third port to the FTP daemon 78, and through the second port 80 on to the FTP proxy server 60, and finally through the first port 76 to the client task 72.
- the SMTP proxy server 62 controls the only other entry channel through which data, and therefore viruses, can enter the protected domain of a given network.
- the SMTP proxy server 62 is preferably a program that resides on the gateway node 33, and controls and handles all transfers of electronic messages or mail in and out of the network through the communications unit 54 and media 34.
- SMTP proxy server 62 will now be described with reference to the transfer of a mail message from a client task 92 within the protected domain of the network to a server task 102 at a node on a different network outside the protected domain, those skilled in the art will understand how the SMTP proxy server 62 handles incoming mail messages in the same way. All mail messages are handled by the SMTP proxy server 62 in the same way and only the designation of which node 32 is the server and which is the client change depending on the direction the message is being sent from the perspective of the gateway node 33. Since mail messages are passed using the command pathways between nodes, only these pathways are shown in Figure 7. For ease of understanding, the command ports have not been shown in Figure 7, but will be discussed below in the relevant steps of the preferred method.
- step 802 the preferred method of the present invention for sending electronic mail begins in step 802 with the spawning or running the SMTP proxy server 62.
- step 804 a first command port 96 for communication between the client task(s) 92 and the SMTP proxy server 62 is created.
- the address of the first port 96 along with a port command is provided to the SMTP proxy server 62.
- step 806 the SMTP proxy server 62 is bound to the first port 96 to establish a channel for sending a mail message between any client tasks and the SMTP proxy server 62.
- step 808 the SMTP proxy server
- SMTP daemon 98 is preferably the existing program "sendmail" that is part of the BSD UNIX operating system. This is particularly advantageous because it reduces the amount of code that needs to be written and assures compatibility with the lower layers of the OSI reference model.
- a second command port is created for communication between the SMTP proxy server 62 and the SMTP daemon 98.
- the SMTP daemon 98 is bound to the second command port for communication with the SMTP proxy server 62.
- the present invention binds the SMTP daemon 98 to the appropriate port, namely the second port by redefining the bind function in a shared library that is part of the operating system 64.
- the present invention advantageously exploits the fact that the SMTP daemon 98 (sendmail programs on most UNIX systems) are dynamically linked.
- the present invention utilizes a shared library which redefines the system call bind() and forces sendmail to link with the redefined version of the bind() call when executed.
- step 800 the client task 92 request a connection from the SMTP proxy server and is directed to used the first command port for communication. Then in step 818, the message is transmitted from the client task 92 through the first command port to the SMTP proxy server 62. Referring now to Figure 8B, the method continues in step 820 with the
- SMTP proxy server 62 scanning the message body and checking for any portions that are encoded.
- the present invention preferably scans the message for portions that have been encoded with an "uuencoded" encoding scheme that encodes binary data to ASCII data.
- "Uuencoded" portions of messages usually start with a line like "begin 644 filename,” and end with a line like "end.” The existence of such encoded portions suggests the possibility that a file may contain viruses.
- This scanning for "uuencoded” portions is just one of many scanning techniques that may be used, and those skilled in the art will realize that the present invention could be modified to scan for other encoded portions such as those encoded according to other schemes such as mime.
- the SMTP proxy server 62 scanning the message body and checking for any portions that are encoded.
- the present invention preferably scans the message for portions that have been encoded with an "uuencoded” encoding scheme that encodes binary data to ASCII data.
- the SMTP proxy server 62 determines whether the message includes any encoded portions. If the message does not include any encoded portions, the SMTP proxy server 62 transmits the message through the second command port to the SMTP daemon 98 in step 824.
- step 814 the SMTP daemon 98 creates a third command port for communication between the SMTP daemon 98 and the server task 102. Then in step 816 the server task 102 is bound to the third command port to establish communication between the server task 102 and the SMTP daemon 98.
- steps 814 and 816 are not needed and may be omitted since no further transfer of data across the network is needed. Then the SMTP daemon 98 transmits the message through the third command port to the server task 102 in step 826 thereby completing the method.
- the SMTP proxy server 62 stores each of the encoded portions of the message in its own temporary file at the gateway node 33 in step 828. For example, if a message included three encoded portions, each encoded portion will be stored in a separate file. Then in step 830, each of the encoded portions stored in its own file is individually decoded using uudecode program, as will be understood by those skilled in the art. Such decoding programs known in the art convert the ASCII files back to their original binary code.
- the SMTP proxy server 62 calls and executes a virus-checking program on each message portion stored in its temporary file(s). Then in step 834, the SMTP proxy server 62 determines whether any viruses were detected. If no viruses are detected, the method continues to steps 824, 814, 816 and 826 as has been described above.
- the present invention advantageously allows the SMTP proxy server 62 to respond in any number of a variety of ways, just as the FTP proxy server 60.
- the response of the SMTP proxy server 62 is also determined by the according to user's needs and wants as specified in a configuration file.
- This configuration file is preferably fully modifiable according to input from the user.
- the configuration for virus handling is determined in step 836. This could be done by retrieving and reading the configuration file or simply retrieving the configuration data already stored in memory 44. Then in step 838, the action to be taken is determined from the configuration settings.
- some options the user might specify are: 1) to do nothing and transfer the mail message unchanged; 2) to transfer the mail message with the encoded portions that have been determined to have viruses deleted from the mail message; 3) rename the encode portions of the message containing viruses, store the renamed portions as files in a specified directory on the SMTP proxy server 62 and notify the user of the renamed files and directory path which can used to manually request the file from the system administrator; or 4) writing the output of step 832 into the mail message in place of the respective encoded portions and sending that mail message in steps 824 and 826.
- the method of the present invention would send a transformed message that was the same as the original message, but with the two encoded portions containing viruses deleted, to the server task 102.
- the preferred operation of the present invention specifies that the FTP proxy server 60 determine whether the file type is one that can contain a virus (Steps 610 and 646).
- the FTP proxy server 60 determines whether the file type is one that can contain a virus (Steps 610 and 646).
- alternate embodiments can omit these steps and simply temporarily store and scan all files being transferred for viruses.
- the SMTP proxy server 60 may, in alternate embodiments, omit the step 822 of determining whether the message is encoded and temporarily store and scan all message being transmitted for viruses.
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU20019/97A AU2001997A (en) | 1995-09-26 | 1996-09-25 | Virus detection and removal apparatus for computer networks |
EP96933128A EP0852762A1 (en) | 1995-09-26 | 1996-09-25 | Virus detection and removal apparatus for computer networks |
DE19680539T DE19680539T1 (en) | 1995-09-26 | 1996-09-25 | Virus detection and removal device for computer networks |
JP9506029A JPH11513153A (en) | 1995-09-26 | 1996-09-25 | Computer network virus detection and removal equipment |
GB9626395A GB2309561A (en) | 1995-09-26 | 1996-09-25 | Virus detection and removal apparatus for computer networks |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/533,706 US5623600A (en) | 1995-09-26 | 1995-09-26 | Virus detection and removal apparatus for computer networks |
US08/533,706 | 1995-09-26 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1997012321A1 true WO1997012321A1 (en) | 1997-04-03 |
Family
ID=24127119
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1996/015348 WO1997012321A1 (en) | 1995-09-26 | 1996-09-25 | Virus detection and removal apparatus for computer networks |
Country Status (7)
Country | Link |
---|---|
US (1) | US5623600A (en) |
EP (1) | EP0852762A1 (en) |
JP (3) | JPH11513153A (en) |
AU (1) | AU2001997A (en) |
DE (1) | DE19680539T1 (en) |
GB (1) | GB2309561A (en) |
WO (1) | WO1997012321A1 (en) |
Cited By (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2316206A (en) * | 1996-08-09 | 1998-02-18 | Apm Ltd | Running programs in a controlled manner |
AU698938B3 (en) * | 1998-08-07 | 1998-11-12 | Compucat Research Pty Limited | Data transfer |
WO1999001819A1 (en) | 1997-07-01 | 1999-01-14 | Progress Software Corporation | Testing and debugging tool for network applications |
JPH11119991A (en) * | 1997-10-17 | 1999-04-30 | Nec Corp | Automatic computer virus detection system using hook system |
US6065118A (en) * | 1996-08-09 | 2000-05-16 | Citrix Systems, Inc. | Mobile code isolation cage |
EP1010059A4 (en) * | 1996-09-05 | 2000-06-21 | Cheyenne Software Int Sales | Anti-virus agent for use with databases and mail servers |
KR20030000584A (en) * | 2001-06-26 | 2003-01-06 | (주)넥센 | Computer virus nonproliferation type system and method for processing a electronic mail |
KR20030020150A (en) * | 2001-09-03 | 2003-03-08 | 주식회사 비즈모델라인 | Method and system for eliminating worm viruses by reverse tracking of their traces with anti-worm vaccine |
EP1329117A1 (en) * | 2000-09-29 | 2003-07-23 | Postini Corporation | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
EP1641202A2 (en) * | 2004-09-17 | 2006-03-29 | Jeroen Oostendorp | Platform for intelligent email distribution |
US7146642B1 (en) | 2001-06-29 | 2006-12-05 | Mcafee, Inc. | System, method and computer program product for detecting modifications to risk assessment scanning caused by an intermediate device |
EP1734722A2 (en) * | 2000-11-09 | 2006-12-20 | Accenture LLP | Electronic security system and scheme for a communication network |
US7254833B1 (en) | 2000-11-09 | 2007-08-07 | Accenture Llp | Electronic security system and scheme for a communications network |
EP1853035A1 (en) * | 2006-05-05 | 2007-11-07 | Broadcom Corporation | Switching network employing server quarantine functionality |
EP1853022A1 (en) * | 2006-05-05 | 2007-11-07 | Broadcom Corporation | Switching network employing virus detection |
EP1853024A1 (en) * | 2006-05-05 | 2007-11-07 | Broadcom Corporation | Switching network employing adware quarantine techniques |
WO2008054952A2 (en) * | 2006-10-30 | 2008-05-08 | At & T Corp. | Method and apparatus for providing network based end-device protection |
GB2452473A (en) * | 2004-09-17 | 2009-03-11 | Jeroen Oostendorp | E-mail filter with pre-filtering |
US7596137B2 (en) | 2006-05-05 | 2009-09-29 | Broadcom Corporation | Packet routing and vectoring based on payload comparison with spatially related templates |
US7603472B2 (en) | 2003-02-19 | 2009-10-13 | Google Inc. | Zero-minute virus and spam detection |
US7647321B2 (en) | 2004-04-26 | 2010-01-12 | Google Inc. | System and method for filtering electronic messages using business heuristics |
US7668951B2 (en) | 2004-05-25 | 2010-02-23 | Google Inc. | Electronic message source reputation information system |
US7751397B2 (en) | 2006-05-05 | 2010-07-06 | Broadcom Corporation | Switching network employing a user challenge mechanism to counter denial of service attacks |
US7761915B2 (en) | 2005-12-28 | 2010-07-20 | Zyxel Communications Corp. | Terminal and related computer-implemented method for detecting malicious data for computer network |
US7948977B2 (en) | 2006-05-05 | 2011-05-24 | Broadcom Corporation | Packet routing with payload analysis, encapsulation and service module vectoring |
US7958187B2 (en) | 2003-02-19 | 2011-06-07 | Google Inc. | Systems and methods for managing directory harvest attacks via electronic messages |
WO2012045984A1 (en) * | 2010-10-07 | 2012-04-12 | Electricite De France | Method and device for the secure transfer of data |
US8223965B2 (en) | 2006-05-05 | 2012-07-17 | Broadcom Corporation | Switching network supporting media rights management |
US8725889B2 (en) | 2002-02-19 | 2014-05-13 | Google Inc. | E-mail management services |
US10552603B2 (en) | 2000-05-17 | 2020-02-04 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
Families Citing this family (407)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5889943A (en) * | 1995-09-26 | 1999-03-30 | Trend Micro Incorporated | Apparatus and method for electronic mail virus detection and elimination |
US6067410A (en) * | 1996-02-09 | 2000-05-23 | Symantec Corporation | Emulation repair system |
US6571338B1 (en) * | 1995-12-20 | 2003-05-27 | Sun Microsystems Inc. | Maintaining packet security in a computer network |
US5898830A (en) * | 1996-10-17 | 1999-04-27 | Network Engineering Software | Firewall providing enhanced network security and user transparency |
US5826014A (en) * | 1996-02-06 | 1998-10-20 | Network Engineering Software | Firewall system for protecting network elements connected to a public network |
US6553410B2 (en) | 1996-02-27 | 2003-04-22 | Inpro Licensing Sarl | Tailoring data and transmission protocol for efficient interactive data transactions over wide-area networks |
US6076109A (en) * | 1996-04-10 | 2000-06-13 | Lextron, Systems, Inc. | Simplified-file hyper text protocol |
US5745679A (en) * | 1996-03-06 | 1998-04-28 | Micron Technology, Inc. | Method and device for file transfer by cascade release |
US5864852A (en) * | 1996-04-26 | 1999-01-26 | Netscape Communications Corporation | Proxy server caching mechanism that provides a file directory structure and a mapping mechanism within the file directory structure |
US6473099B1 (en) * | 1996-06-03 | 2002-10-29 | Webtv Networks, Inc. | Automatically upgrading software over a satellite link |
US5996022A (en) | 1996-06-03 | 1999-11-30 | Webtv Networks, Inc. | Transcoding data in a proxy computer prior to transmitting the audio data to a client |
US6311197B2 (en) | 1996-06-03 | 2001-10-30 | Webtv Networks, Inc. | Method for downloading a web page to a client for efficient display on a television screen |
US5935207A (en) | 1996-06-03 | 1999-08-10 | Webtv Networks, Inc. | Method and apparatus for providing remote site administrators with user hits on mirrored web sites |
US6957260B1 (en) | 1996-06-03 | 2005-10-18 | Microsoft Corporation | Method of improving access to services provided by a plurality of remote service providers |
US5918013A (en) | 1996-06-03 | 1999-06-29 | Webtv Networks, Inc. | Method of transcoding documents in a network environment using a proxy server |
US5940074A (en) | 1996-06-03 | 1999-08-17 | Webtv Networks, Inc. | Remote upgrade of software over a network |
US7555458B1 (en) | 1996-06-05 | 2009-06-30 | Fraud Control System.Com Corporation | Method of billing a purchase made over a computer network |
US8229844B2 (en) | 1996-06-05 | 2012-07-24 | Fraud Control Systems.Com Corporation | Method of billing a purchase made over a computer network |
US20030195847A1 (en) | 1996-06-05 | 2003-10-16 | David Felger | Method of billing a purchase made over a computer network |
US6151643A (en) | 1996-06-07 | 2000-11-21 | Networks Associates, Inc. | Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer |
AU3496797A (en) * | 1996-06-21 | 1998-01-07 | Integrated Computing Engines, Inc. | Network based programmable media manipulator |
US5867651A (en) * | 1996-08-27 | 1999-02-02 | International Business Machines Corporation | System for providing custom functionality to client systems by redirecting of messages through a user configurable filter network having a plurality of partially interconnected filters |
US5944823A (en) * | 1996-10-21 | 1999-08-31 | International Business Machines Corporations | Outside access to computer resources through a firewall |
US6167520A (en) * | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
US7613926B2 (en) * | 1997-11-06 | 2009-11-03 | Finjan Software, Ltd | Method and system for protecting a computer and a network from hostile downloadables |
US9219755B2 (en) | 1996-11-08 | 2015-12-22 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
US6154844A (en) * | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
US8079086B1 (en) | 1997-11-06 | 2011-12-13 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
US6802028B1 (en) * | 1996-11-11 | 2004-10-05 | Powerquest Corporation | Computer virus detection and removal |
US5878417A (en) * | 1996-11-20 | 1999-03-02 | International Business Machines Corporation | Method and apparatus for network security in browser based interfaces |
US5778174A (en) * | 1996-12-10 | 1998-07-07 | U S West, Inc. | Method and system for providing secured access to a server connected to a private computer network |
US6049821A (en) * | 1997-01-24 | 2000-04-11 | Motorola, Inc. | Proxy host computer and method for accessing and retrieving information between a browser and a proxy |
JP3381055B2 (en) * | 1997-01-27 | 2003-02-24 | 裕典 若山 | Virus intrusion prevention method and virus intrusion prevention mechanism |
US6104802A (en) | 1997-02-10 | 2000-08-15 | Genesys Telecommunications Laboratories, Inc. | In-band signaling for routing |
US6480600B1 (en) | 1997-02-10 | 2002-11-12 | Genesys Telecommunications Laboratories, Inc. | Call and data correspondence in a call-in center employing virtual restructuring for computer telephony integrated functionality |
US7031442B1 (en) | 1997-02-10 | 2006-04-18 | Genesys Telecommunications Laboratories, Inc. | Methods and apparatus for personal routing in computer-simulated telephony |
US5896499A (en) * | 1997-02-21 | 1999-04-20 | International Business Machines Corporation | Embedded security processor |
IL120420A (en) | 1997-03-10 | 1999-12-31 | Security 7 Software Ltd | Method and system for preventing the downloading and execution of executable objects |
US6263444B1 (en) | 1997-03-11 | 2001-07-17 | National Aerospace Laboratory Of Science & Technology Agency | Network unauthorized access analysis method, network unauthorized access analysis apparatus utilizing the method, and computer-readable recording medium having network unauthorized access analysis program recorded thereon |
KR100528156B1 (en) * | 1997-03-12 | 2005-11-15 | 노마딕스, 인코포레이티드 | Nomadic Translator or Router |
US6480486B2 (en) * | 1997-05-21 | 2002-11-12 | Lextron Systems, Inc. | Micro-localized internet service center |
US6185551B1 (en) | 1997-06-16 | 2001-02-06 | Digital Equipment Corporation | Web-based electronic mail service apparatus and method using full text and label indexing |
US6009462A (en) * | 1997-06-16 | 1999-12-28 | Digital Equipment Corporation | Replacing large bit component of electronic mail (e-mail) message with hot-link in distributed computer system |
JP2000501540A (en) * | 1997-06-17 | 2000-02-08 | パーデュー ファーマ エルピー | Self-destroying document and email message system |
US7162738B2 (en) * | 1998-11-03 | 2007-01-09 | Tumbleweed Communications Corp. | E-mail firewall with stored key encryption/decryption |
AU8759098A (en) * | 1997-07-24 | 1999-02-16 | Tumbleweed Communications Corporation | E-mail firewall with stored key encryption/decryption |
US20050081059A1 (en) * | 1997-07-24 | 2005-04-14 | Bandini Jean-Christophe Denis | Method and system for e-mail filtering |
US7117358B2 (en) * | 1997-07-24 | 2006-10-03 | Tumbleweed Communications Corp. | Method and system for filtering communication |
US7127741B2 (en) * | 1998-11-03 | 2006-10-24 | Tumbleweed Communications Corp. | Method and system for e-mail message transmission |
US7546346B2 (en) * | 1997-07-28 | 2009-06-09 | Juniper Networks, Inc. | Workflow systems and methods for project management and information management |
US5978836A (en) | 1997-07-28 | 1999-11-02 | Solectron Corporation | Workflow systems and methods |
US5983348A (en) * | 1997-09-10 | 1999-11-09 | Trend Micro Incorporated | Computer network malicious code scanner |
IL121815A (en) * | 1997-09-22 | 2000-09-28 | Security 7 Software Ltd | Method and system for the identification and the suppression of executable objects |
US6985943B2 (en) | 1998-09-11 | 2006-01-10 | Genesys Telecommunications Laboratories, Inc. | Method and apparatus for extended management of state and interaction of a remote knowledge worker from a contact center |
US6711611B2 (en) * | 1998-09-11 | 2004-03-23 | Genesis Telecommunications Laboratories, Inc. | Method and apparatus for data-linking a mobile knowledge worker to home communication-center infrastructure |
US6266664B1 (en) * | 1997-10-01 | 2001-07-24 | Rulespace, Inc. | Method for scanning, analyzing and rating digital information content |
GB2330991A (en) * | 1997-11-04 | 1999-05-05 | Ibm | Routing data packets |
US8225408B2 (en) * | 1997-11-06 | 2012-07-17 | Finjan, Inc. | Method and system for adaptive rule-based content scanners |
US7418731B2 (en) * | 1997-11-06 | 2008-08-26 | Finjan Software, Ltd. | Method and system for caching at secure gateways |
US6275937B1 (en) | 1997-11-06 | 2001-08-14 | International Business Machines Corporation | Collaborative server processing of content and meta-information with application to virus checking in a server network |
US7975305B2 (en) * | 1997-11-06 | 2011-07-05 | Finjan, Inc. | Method and system for adaptive rule-based content scanners for desktop computers |
USRE46528E1 (en) | 1997-11-14 | 2017-08-29 | Genesys Telecommunications Laboratories, Inc. | Implementation of call-center outbound dialing capability at a telephony network level |
US6088803A (en) * | 1997-12-30 | 2000-07-11 | Intel Corporation | System for virus-checking network data during download to a client device |
US6035423A (en) * | 1997-12-31 | 2000-03-07 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
US6055566A (en) * | 1998-01-12 | 2000-04-25 | Lextron Systems, Inc. | Customizable media player with online/offline capabilities |
US6782510B1 (en) * | 1998-01-27 | 2004-08-24 | John N. Gross | Word checking tool for controlling the language content in documents using dictionaries with modifyable status fields |
US6205551B1 (en) * | 1998-01-29 | 2001-03-20 | Lucent Technologies Inc. | Computer security using virus probing |
US5987610A (en) | 1998-02-12 | 1999-11-16 | Ameritech Corporation | Computer virus screening methods and systems |
US7907598B2 (en) | 1998-02-17 | 2011-03-15 | Genesys Telecommunication Laboratories, Inc. | Method for implementing and executing communication center routing strategies represented in extensible markup language |
US6332154B2 (en) | 1998-09-11 | 2001-12-18 | Genesys Telecommunications Laboratories, Inc. | Method and apparatus for providing media-independent self-help modules within a multimedia communication-center customer interface |
US6219677B1 (en) | 1998-05-01 | 2001-04-17 | Emware, Inc. | Split file system |
US6275942B1 (en) | 1998-05-20 | 2001-08-14 | Network Associates, Inc. | System, method and computer program product for automatic response to computer system misuse using active response modules |
US7389413B2 (en) | 1998-07-23 | 2008-06-17 | Tumbleweed Communications Corp. | Method and system for filtering communication |
USRE46153E1 (en) | 1998-09-11 | 2016-09-20 | Genesys Telecommunications Laboratories, Inc. | Method and apparatus enabling voice-based management of state and interaction of a remote knowledge worker in a contact center environment |
WO2000017768A1 (en) | 1998-09-23 | 2000-03-30 | Ogilvie John W L | Self-removing email |
US6701347B1 (en) | 1998-09-23 | 2004-03-02 | John W. L. Ogilvie | Method for including a self-removing code in a self-removing email message that contains an advertisement |
US6324569B1 (en) | 1998-09-23 | 2001-11-27 | John W. L. Ogilvie | Self-removing email verified or designated as such by a message distributor for the convenience of a recipient |
US6401210B1 (en) * | 1998-09-23 | 2002-06-04 | Intel Corporation | Method of managing computer virus infected files |
US6757713B1 (en) | 1998-09-23 | 2004-06-29 | John W. L. Ogilvie | Method for including a self-removing indicator in a self-removing message |
US6338141B1 (en) | 1998-09-30 | 2002-01-08 | Cybersoft, Inc. | Method and apparatus for computer virus detection, analysis, and removal in real time |
IL126587A (en) * | 1998-10-15 | 2004-12-15 | Computer Ass Think Inc | Method and system for the prevention of undesirable activities of executable objects |
US7107591B1 (en) * | 1998-11-05 | 2006-09-12 | Hewlett-Packard Development Company, L.P. | Task-specific flexible binding in a software system |
US20020040439A1 (en) * | 1998-11-24 | 2002-04-04 | Kellum Charles W. | Processes systems and networks for secure exchange of information and quality of service maintenance using computer hardware |
US6487664B1 (en) * | 1998-11-24 | 2002-11-26 | E-Com Defense, Inc. | Processes and systems for secured information exchange using computer hardware |
US20020032867A1 (en) * | 1998-11-24 | 2002-03-14 | Kellum Charles W. | Multi-system architecture using general purpose active-backplane and expansion-bus compatible single board computers and their peripherals for secure exchange of information and advanced computing |
US8266266B2 (en) | 1998-12-08 | 2012-09-11 | Nomadix, Inc. | Systems and methods for providing dynamic network authorization, authentication and accounting |
US8713641B1 (en) | 1998-12-08 | 2014-04-29 | Nomadix, Inc. | Systems and methods for authorizing, authenticating and accounting users having transparent computer access to a network using a gateway device |
US7194554B1 (en) * | 1998-12-08 | 2007-03-20 | Nomadix, Inc. | Systems and methods for providing dynamic network authorization authentication and accounting |
US6499109B1 (en) * | 1998-12-08 | 2002-12-24 | Networks Associates Technology, Inc. | Method and apparatus for securing software distributed over a network |
US6266774B1 (en) | 1998-12-08 | 2001-07-24 | Mcafee.Com Corporation | Method and system for securing, managing or optimizing a personal computer |
AU2164700A (en) | 1998-12-09 | 2000-06-26 | Network Ice Corporation | A method and apparatus for providing network and computer system security |
US7389540B2 (en) | 1999-02-03 | 2008-06-17 | Cybersoft, Inc. | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer |
US7917744B2 (en) * | 1999-02-03 | 2011-03-29 | Cybersoft, Inc. | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer in instant messaging and peer-to-peer applications |
US6763467B1 (en) * | 1999-02-03 | 2004-07-13 | Cybersoft, Inc. | Network traffic intercepting method and system |
US7936787B2 (en) * | 1999-03-01 | 2011-05-03 | The Directv Group, Inc. | Technique for data compression by decoding binary encoded data |
US6725377B1 (en) * | 1999-03-12 | 2004-04-20 | Networks Associates Technology, Inc. | Method and system for updating anti-intrusion software |
US6804778B1 (en) * | 1999-04-15 | 2004-10-12 | Gilian Technologies, Ltd. | Data quality assurance |
US20030229809A1 (en) * | 1999-04-15 | 2003-12-11 | Asaf Wexler | Transparent proxy server |
US6571280B1 (en) * | 1999-06-17 | 2003-05-27 | International Business Machines Corporation | Method and apparatus for client sided backup and redundancy |
AU775495B2 (en) * | 1999-06-30 | 2004-08-05 | Apptitude Acquisition Corporation | Method and apparatus for monitoring traffic in a network |
US6560632B1 (en) * | 1999-07-16 | 2003-05-06 | International Business Machines Corporation | System and method for managing files in a distributed system using prioritization |
US6772346B1 (en) * | 1999-07-16 | 2004-08-03 | International Business Machines Corporation | System and method for managing files in a distributed system using filtering |
US7346929B1 (en) * | 1999-07-29 | 2008-03-18 | International Business Machines Corporation | Method and apparatus for auditing network security |
AU1224101A (en) | 1999-10-22 | 2001-05-08 | Nomadix, Inc. | Gateway device having an xml interface and associated method |
US6321267B1 (en) | 1999-11-23 | 2001-11-20 | Escom Corporation | Method and apparatus for filtering junk email |
US7249175B1 (en) | 1999-11-23 | 2007-07-24 | Escom Corporation | Method and system for blocking e-mail having a nonexistent sender address |
US7929978B2 (en) | 1999-12-01 | 2011-04-19 | Genesys Telecommunications Laboratories, Inc. | Method and apparatus for providing enhanced communication capability for mobile devices on a virtual private network |
US6728886B1 (en) | 1999-12-01 | 2004-04-27 | Trend Micro Incorporated | Distributed virus scanning arrangements and methods therefor |
US6836792B1 (en) * | 1999-12-03 | 2004-12-28 | Trend Micro Incorporated | Techniques for providing add-on services for an email system |
US8006243B2 (en) * | 1999-12-07 | 2011-08-23 | International Business Machines Corporation | Method and apparatus for remote installation of network drivers and software |
US7076650B1 (en) * | 1999-12-24 | 2006-07-11 | Mcafee, Inc. | System and method for selective communication scanning at a firewall and a network node |
GB2353372B (en) | 1999-12-24 | 2001-08-22 | F Secure Oyj | Remote computer virus scanning |
US6701440B1 (en) * | 2000-01-06 | 2004-03-02 | Networks Associates Technology, Inc. | Method and system for protecting a computer using a remote e-mail scanning device |
US7310816B1 (en) | 2000-01-27 | 2007-12-18 | Dale Burns | System and method for email screening |
US6594686B1 (en) * | 2000-03-02 | 2003-07-15 | Network Associates Technology, Inc. | Obtaining user responses in a virtual execution environment |
US6842861B1 (en) * | 2000-03-24 | 2005-01-11 | Networks Associates Technology, Inc. | Method and system for detecting viruses on handheld computers |
US7574740B1 (en) | 2000-04-28 | 2009-08-11 | International Business Machines Corporation | Method and system for intrusion detection in a computer network |
IL152502A0 (en) * | 2000-04-28 | 2003-05-29 | Internet Security Systems Inc | Method and system for managing computer security information |
WO2001084775A2 (en) * | 2000-04-28 | 2001-11-08 | Internet Security Systems, Inc. | System and method for managing security events on a network |
WO2001088673A2 (en) * | 2000-05-17 | 2001-11-22 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
US6931540B1 (en) * | 2000-05-31 | 2005-08-16 | Networks Associates Technology, Inc. | System, method and computer program product for selecting virus detection actions based on a process by which files are being accessed |
US6973578B1 (en) * | 2000-05-31 | 2005-12-06 | Networks Associates Technology, Inc. | System, method and computer program product for process-based selection of virus detection actions |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US7017187B1 (en) | 2000-06-20 | 2006-03-21 | Citigroup Global Markets, Inc. | Method and system for file blocking in an electronic messaging system |
US7913078B1 (en) | 2000-06-22 | 2011-03-22 | Walter Mason Stewart | Computer network virus protection system and method |
US6901519B1 (en) | 2000-06-22 | 2005-05-31 | Infobahn, Inc. | E-mail virus protection system and method |
US7162649B1 (en) | 2000-06-30 | 2007-01-09 | Internet Security Systems, Inc. | Method and apparatus for network assessment and authentication |
GB2357939B (en) * | 2000-07-05 | 2002-05-15 | Gfi Fax & Voice Ltd | Electronic mail message anti-virus system and method |
JP2002032349A (en) * | 2000-07-14 | 2002-01-31 | Nec Corp | Human/machine interface system and computer-readable recording medium with its program recorded thereon |
US7093239B1 (en) * | 2000-07-14 | 2006-08-15 | Internet Security Systems, Inc. | Computer immune system and method for detecting unwanted code in a computer system |
US8341743B2 (en) * | 2000-07-14 | 2012-12-25 | Ca, Inc. | Detection of viral code using emulation of operating system functions |
US7210040B2 (en) * | 2000-07-14 | 2007-04-24 | Computer Associates Think, Inc. | Detection of suspicious privileged access to restricted computer resources |
US6910134B1 (en) * | 2000-08-29 | 2005-06-21 | Netrake Corporation | Method and device for innoculating email infected with a virus |
US7089302B1 (en) * | 2000-08-30 | 2006-08-08 | Mcafee, Inc. | Method and system for maintaining a communications protocol session |
US6785732B1 (en) * | 2000-09-11 | 2004-08-31 | International Business Machines Corporation | Web server apparatus and method for virus checking |
US7178166B1 (en) | 2000-09-19 | 2007-02-13 | Internet Security Systems, Inc. | Vulnerability assessment and authentication of a computer by a local scanner |
US7197507B2 (en) * | 2000-10-03 | 2007-03-27 | Netagent Co., Ltd | Communication information recording device |
US7093025B1 (en) | 2000-10-04 | 2006-08-15 | International Business Machines Corporation | SMTP extension for email delivery failure |
US9027121B2 (en) * | 2000-10-10 | 2015-05-05 | International Business Machines Corporation | Method and system for creating a record for one or more computer security incidents |
US7146305B2 (en) * | 2000-10-24 | 2006-12-05 | Vcis, Inc. | Analytical virtual machine |
US7970886B1 (en) | 2000-11-02 | 2011-06-28 | Arbor Networks, Inc. | Detecting and preventing undesirable network traffic from being sourced out of a network domain |
US7155487B2 (en) | 2000-11-30 | 2006-12-26 | Intel Corporation | Method, system and article of manufacture for data distribution over a network |
WO2002044861A2 (en) * | 2000-12-01 | 2002-06-06 | M-Web Connect (Proprietary) Limited | Method of establishing a connection between a remote computer device and server through off-line authentication |
US7346928B1 (en) * | 2000-12-01 | 2008-03-18 | Network Appliance, Inc. | Decentralized appliance virus scanning |
US7778981B2 (en) * | 2000-12-01 | 2010-08-17 | Netapp, Inc. | Policy engine to control the servicing of requests received by a storage server |
US7152164B1 (en) * | 2000-12-06 | 2006-12-19 | Pasi Into Loukas | Network anti-virus system |
US7039830B2 (en) * | 2000-12-14 | 2006-05-02 | Far Stone Technology Corporation | Backup/recovery system and methods for protecting a computer system |
US7130466B2 (en) * | 2000-12-21 | 2006-10-31 | Cobion Ag | System and method for compiling images from a database and comparing the compiled images with known images |
US6928426B2 (en) * | 2000-12-30 | 2005-08-09 | Intel Corporation | Method and apparatus to improve file management |
GB2371125A (en) * | 2001-01-13 | 2002-07-17 | Secr Defence | Computer protection system |
US20020147803A1 (en) * | 2001-01-31 | 2002-10-10 | Dodd Timothy David | Method and system for calculating risk in association with a security audit of a computer network |
US7797251B2 (en) * | 2001-02-14 | 2010-09-14 | 5th Fleet, L.L.C. | System and method providing secure credit or debit transactions across unsecure networks |
US8219620B2 (en) | 2001-02-20 | 2012-07-10 | Mcafee, Inc. | Unwanted e-mail filtering system including voting feedback |
US7404212B2 (en) * | 2001-03-06 | 2008-07-22 | Cybersoft, Inc. | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer |
US7363657B2 (en) * | 2001-03-12 | 2008-04-22 | Emc Corporation | Using a virus checker in one file server to check for viruses in another file server |
US20020133709A1 (en) | 2001-03-14 | 2002-09-19 | Hoffman Terry George | Optical data transfer system - ODTS; Optically based anti-virus protection system - OBAPS |
US7313822B2 (en) * | 2001-03-16 | 2007-12-25 | Protegrity Corporation | Application-layer security method and system |
US7882555B2 (en) * | 2001-03-16 | 2011-02-01 | Kavado, Inc. | Application layer security method and system |
US7114177B2 (en) * | 2001-03-28 | 2006-09-26 | Geotrust, Inc. | Web site identity assurance |
US20020147780A1 (en) * | 2001-04-09 | 2002-10-10 | Liu James Y. | Method and system for scanning electronic mail to detect and eliminate computer viruses using a group of email-scanning servers and a recipient's email gateway |
US20020171546A1 (en) * | 2001-04-18 | 2002-11-21 | Evans Thomas P. | Universal, customizable security system for computers and other devices |
US20020199120A1 (en) * | 2001-05-04 | 2002-12-26 | Schmidt Jeffrey A. | Monitored network security bridge system and method |
US7043757B2 (en) * | 2001-05-22 | 2006-05-09 | Mci, Llc | System and method for malicious code detection |
US7237264B1 (en) | 2001-06-04 | 2007-06-26 | Internet Security Systems, Inc. | System and method for preventing network misuse |
US7562146B2 (en) * | 2003-10-10 | 2009-07-14 | Citrix Systems, Inc. | Encapsulating protocol for session persistence and reliability |
US20050198379A1 (en) * | 2001-06-13 | 2005-09-08 | Citrix Systems, Inc. | Automatically reconnecting a client across reliable and persistent communication sessions |
US7657419B2 (en) * | 2001-06-19 | 2010-02-02 | International Business Machines Corporation | Analytical virtual machine |
US6981280B2 (en) | 2001-06-29 | 2005-12-27 | Mcafee, Inc. | Intelligent network scanning system and method |
US7016939B1 (en) | 2001-07-26 | 2006-03-21 | Mcafee, Inc. | Intelligent SPAM detection system using statistical analysis |
US7647376B1 (en) | 2001-07-26 | 2010-01-12 | Mcafee, Inc. | SPAM report generation system and method |
US7023861B2 (en) * | 2001-07-26 | 2006-04-04 | Mcafee, Inc. | Malware scanning using a network bridge |
US6769016B2 (en) | 2001-07-26 | 2004-07-27 | Networks Associates Technology, Inc. | Intelligent SPAM detection system using an updateable neural analysis engine |
US6792543B2 (en) | 2001-08-01 | 2004-09-14 | Networks Associates Technology, Inc. | Virus scanning on thin client devices using programmable assembly language |
US7861303B2 (en) * | 2001-08-01 | 2010-12-28 | Mcafee, Inc. | Malware scanning wireless service agent system and method |
US7269649B1 (en) * | 2001-08-31 | 2007-09-11 | Mcafee, Inc. | Protocol layer-level system and method for detecting virus activity |
US20030048468A1 (en) * | 2001-09-07 | 2003-03-13 | Boldon John L. | Method of virus filtering for use in peripherals having embedded controller devices |
US7356736B2 (en) * | 2001-09-25 | 2008-04-08 | Norman Asa | Simulated computer system for monitoring of software performance |
US20030097409A1 (en) * | 2001-10-05 | 2003-05-22 | Hungchou Tsai | Systems and methods for securing computers |
AU2002335062B2 (en) * | 2001-10-12 | 2007-07-19 | Digicert, Inc. | Methods and systems for automated authentication, processing and issuance of digital certificates |
US7127299B2 (en) * | 2001-10-23 | 2006-10-24 | Medtronic, Inc. | Network communications arrangement for IMD programming units |
US7093294B2 (en) * | 2001-10-31 | 2006-08-15 | International Buisiness Machines Corporation | System and method for detecting and controlling a drone implanted in a network attached device such as a computer |
US7506374B2 (en) * | 2001-10-31 | 2009-03-17 | Computer Associates Think, Inc. | Memory scanning system and method |
US20030093689A1 (en) * | 2001-11-15 | 2003-05-15 | Aladdin Knowledge Systems Ltd. | Security router |
US7150042B2 (en) * | 2001-12-06 | 2006-12-12 | Mcafee, Inc. | Techniques for performing malware scanning of files stored within a file storage device of a computer network |
US7093002B2 (en) * | 2001-12-06 | 2006-08-15 | Mcafee, Inc. | Handling of malware scanning of files stored within a file storage device of a computer network |
CN100380336C (en) * | 2001-12-10 | 2008-04-09 | 思科技术公司 | Protecting against malicious traffic |
US7761605B1 (en) | 2001-12-20 | 2010-07-20 | Mcafee, Inc. | Embedded anti-virus scanner for a network adapter |
US8185943B1 (en) | 2001-12-20 | 2012-05-22 | Mcafee, Inc. | Network adapter firewall system and method |
US7401359B2 (en) * | 2001-12-21 | 2008-07-15 | Mcafee, Inc. | Generating malware definition data for mobile computing devices |
WO2003058451A1 (en) | 2002-01-04 | 2003-07-17 | Internet Security Systems, Inc. | System and method for the managed security control of processes on a computer system |
US9652613B1 (en) * | 2002-01-17 | 2017-05-16 | Trustwave Holdings, Inc. | Virus detection by executing electronic message code in a virtual machine |
US7607171B1 (en) * | 2002-01-17 | 2009-10-20 | Avinti, Inc. | Virus detection by executing e-mail code in a virtual machine |
US9392002B2 (en) * | 2002-01-31 | 2016-07-12 | Nokia Technologies Oy | System and method of providing virus protection at a gateway |
US6772345B1 (en) | 2002-02-08 | 2004-08-03 | Networks Associates Technology, Inc. | Protocol-level malware scanner |
US20030154394A1 (en) * | 2002-02-13 | 2003-08-14 | Levin Lawrence R. | Computer virus control |
US7661129B2 (en) * | 2002-02-26 | 2010-02-09 | Citrix Systems, Inc. | Secure traversal of network components |
US7984157B2 (en) * | 2002-02-26 | 2011-07-19 | Citrix Systems, Inc. | Persistent and reliable session securely traversing network components using an encapsulating protocol |
US7281269B1 (en) * | 2002-03-06 | 2007-10-09 | Novell, Inc. | Methods, data structures, and systems to remotely validate a message |
US7840997B2 (en) * | 2002-03-28 | 2010-11-23 | Shevchenko Oleksiy Yu | Method and device for computer memory protection against unauthorized access |
IL149583A0 (en) * | 2002-05-09 | 2003-07-06 | Kavado Israel Ltd | Method for automatic setting and updating of a security policy |
US7370360B2 (en) * | 2002-05-13 | 2008-05-06 | International Business Machines Corporation | Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine |
US7263721B2 (en) * | 2002-08-09 | 2007-08-28 | International Business Machines Corporation | Password protection |
US7657937B1 (en) | 2003-01-02 | 2010-02-02 | Vmware, Inc. | Method for customizing processing and response for intrusion prevention |
CN1643530A (en) * | 2003-01-15 | 2005-07-20 | 株式会社瑞萨科技 | Inter erterprise data cooperating system |
US7219131B2 (en) * | 2003-01-16 | 2007-05-15 | Ironport Systems, Inc. | Electronic message delivery using an alternate source approach |
US7913303B1 (en) | 2003-01-21 | 2011-03-22 | International Business Machines Corporation | Method and system for dynamically protecting a computer system from attack |
US7778999B1 (en) | 2003-01-24 | 2010-08-17 | Bsecure Technologies, Inc. | Systems and methods for multi-layered packet filtering and remote management of network devices |
US7293290B2 (en) * | 2003-02-06 | 2007-11-06 | Symantec Corporation | Dynamic detection of computer worms |
US6965968B1 (en) | 2003-02-27 | 2005-11-15 | Finjan Software Ltd. | Policy-based caching |
JP3835421B2 (en) * | 2003-03-28 | 2006-10-18 | コニカミノルタビジネステクノロジーズ株式会社 | Control program and control device |
US7607010B2 (en) * | 2003-04-12 | 2009-10-20 | Deep Nines, Inc. | System and method for network edge data protection |
US7512808B2 (en) * | 2003-08-29 | 2009-03-31 | Trend Micro, Inc. | Anti-computer viral agent suitable for innoculation of computing devices |
EP2413559B1 (en) * | 2003-09-11 | 2017-11-08 | Detica Limited | Real-time network monitoring and security |
US9338026B2 (en) | 2003-09-22 | 2016-05-10 | Axway Inc. | Delay technique in e-mail filtering system |
US7657938B2 (en) * | 2003-10-28 | 2010-02-02 | International Business Machines Corporation | Method and system for protecting computer networks by altering unwanted network data traffic |
US20050108415A1 (en) * | 2003-11-04 | 2005-05-19 | Turk Doughan A. | System and method for traffic analysis |
US7870161B2 (en) | 2003-11-07 | 2011-01-11 | Qiang Wang | Fast signature scan |
US7454418B1 (en) | 2003-11-07 | 2008-11-18 | Qiang Wang | Fast signature scan |
US20050138426A1 (en) * | 2003-11-07 | 2005-06-23 | Brian Styslinger | Method, system, and apparatus for managing, monitoring, auditing, cataloging, scoring, and improving vulnerability assessment tests, as well as automating retesting efforts and elements of tests |
US7426574B2 (en) | 2003-12-16 | 2008-09-16 | Trend Micro Incorporated | Technique for intercepting data in a peer-to-peer network |
US8544096B2 (en) * | 2003-12-30 | 2013-09-24 | Emc Corporation | On-access and on-demand distributed virus scanning |
US7480655B2 (en) * | 2004-01-09 | 2009-01-20 | Webroor Software, Inc. | System and method for protecting files on a computer from access by unauthorized applications |
US7370361B2 (en) * | 2004-02-06 | 2008-05-06 | Trend Micro Incorporated | System and method for securing computers against computer virus |
US7099853B1 (en) | 2004-02-09 | 2006-08-29 | Trend Micro Incorporated | Configurable hierarchical content filtering system |
US7653695B2 (en) | 2004-02-17 | 2010-01-26 | Ironport Systems, Inc. | Collecting, aggregating, and managing information relating to electronic messages |
US7539871B1 (en) * | 2004-02-23 | 2009-05-26 | Sun Microsystems, Inc. | System and method for identifying message propagation |
FR2867004B1 (en) * | 2004-03-01 | 2006-09-08 | Everbee Networks | METHOD, SYSTEM AND DEVICE FOR TIMING A STREAM OF DATA PACKETS |
US7757287B2 (en) * | 2004-04-19 | 2010-07-13 | Computer Associates Think, Inc. | Systems and methods for computer security |
WO2005114949A1 (en) * | 2004-04-19 | 2005-12-01 | Computer Associates Think, Inc. | Systems and methods for computer security |
US7533415B2 (en) * | 2004-04-21 | 2009-05-12 | Trend Micro Incorporated | Method and apparatus for controlling traffic in a computer network |
US8407792B2 (en) * | 2004-05-19 | 2013-03-26 | Ca, Inc. | Systems and methods for computer security |
WO2005114952A1 (en) * | 2004-05-20 | 2005-12-01 | Computer Associates Think, Inc. | Intrusion detection with automatic signature generation |
WO2005114955A1 (en) * | 2004-05-21 | 2005-12-01 | Computer Associates Think, Inc. | Systems and methods of computer security |
US7756930B2 (en) * | 2004-05-28 | 2010-07-13 | Ironport Systems, Inc. | Techniques for determining the reputation of a message sender |
US7849142B2 (en) | 2004-05-29 | 2010-12-07 | Ironport Systems, Inc. | Managing connections, messages, and directory harvest attacks at a server |
US7873695B2 (en) * | 2004-05-29 | 2011-01-18 | Ironport Systems, Inc. | Managing connections and messages at a server by associating different actions for both different senders and different recipients |
US7870200B2 (en) * | 2004-05-29 | 2011-01-11 | Ironport Systems, Inc. | Monitoring the flow of messages received at a server |
US7917588B2 (en) * | 2004-05-29 | 2011-03-29 | Ironport Systems, Inc. | Managing delivery of electronic messages using bounce profiles |
US8166310B2 (en) | 2004-05-29 | 2012-04-24 | Ironport Systems, Inc. | Method and apparatus for providing temporary access to a network device |
US7577721B1 (en) * | 2004-06-08 | 2009-08-18 | Trend Micro Incorporated | Structured peer-to-peer push distribution network |
US7596809B2 (en) * | 2004-06-14 | 2009-09-29 | Lionic Corporation | System security approaches using multiple processing units |
US7685637B2 (en) * | 2004-06-14 | 2010-03-23 | Lionic Corporation | System security approaches using sub-expression automata |
US7216364B2 (en) * | 2004-06-14 | 2007-05-08 | Lionic Corporation | System security approaches using state tables |
US20060010203A1 (en) * | 2004-06-15 | 2006-01-12 | Nokia Corporation | Personal server and network |
US7748038B2 (en) * | 2004-06-16 | 2010-06-29 | Ironport Systems, Inc. | Method and apparatus for managing computer virus outbreaks |
KR100604604B1 (en) * | 2004-06-21 | 2006-07-24 | 엘지엔시스(주) | Method for securing system using server security solution and network security solution, and security system implementing the same |
US7765593B1 (en) * | 2004-06-24 | 2010-07-27 | Mcafee, Inc. | Rule set-based system and method for advanced virus protection |
US20060004904A1 (en) * | 2004-06-30 | 2006-01-05 | Intel Corporation | Method, system, and program for managing transmit throughput for a network controller |
US7343624B1 (en) | 2004-07-13 | 2008-03-11 | Sonicwall, Inc. | Managing infectious messages as identified by an attachment |
US9154511B1 (en) | 2004-07-13 | 2015-10-06 | Dell Software Inc. | Time zero detection of infectious messages |
US20060015939A1 (en) * | 2004-07-14 | 2006-01-19 | International Business Machines Corporation | Method and system to protect a file system from viral infections |
US7694135B2 (en) * | 2004-07-16 | 2010-04-06 | Geotrust, Inc. | Security systems and services to provide identity and uniform resource identifier verification |
US20060047826A1 (en) * | 2004-08-25 | 2006-03-02 | International Business Machines Corp. | Client computer self health check |
US20060075494A1 (en) * | 2004-10-01 | 2006-04-06 | Bertman Justin R | Method and system for analyzing data for potential malware |
US7480683B2 (en) * | 2004-10-01 | 2009-01-20 | Webroot Software, Inc. | System and method for heuristic analysis to identify pestware |
US20060075468A1 (en) * | 2004-10-01 | 2006-04-06 | Boney Matthew L | System and method for locating malware and generating malware definitions |
US7533131B2 (en) * | 2004-10-01 | 2009-05-12 | Webroot Software, Inc. | System and method for pestware detection and removal |
US20060075490A1 (en) * | 2004-10-01 | 2006-04-06 | Boney Matthew L | System and method for actively operating malware to generate a definition |
US20060085528A1 (en) * | 2004-10-01 | 2006-04-20 | Steve Thomas | System and method for monitoring network communications for pestware |
US7287279B2 (en) | 2004-10-01 | 2007-10-23 | Webroot Software, Inc. | System and method for locating malware |
EP1655647A1 (en) * | 2004-11-04 | 2006-05-10 | Prüftechnik Dieter Busch Ag | Secured connectivity system for Internet-based CM systems |
US20060101277A1 (en) * | 2004-11-10 | 2006-05-11 | Meenan Patrick A | Detecting and remedying unauthorized computer programs |
US7343599B2 (en) * | 2005-01-03 | 2008-03-11 | Blue Lane Technologies Inc. | Network-based patching machine |
FR2880484A1 (en) * | 2005-01-05 | 2006-07-07 | France Telecom | METHOD AND SYSTEM FOR TRANSMITTING A DIGIT DATA SET FROM A SENDER DEVICE TO A RECEIVER DEVICE, AND DEVICE FOR ANALYZING A DIGIT DATA SET |
US20060156400A1 (en) * | 2005-01-06 | 2006-07-13 | Gbs Laboratories Llc | System and method for preventing unauthorized access to computer devices |
US7917955B1 (en) * | 2005-01-14 | 2011-03-29 | Mcafee, Inc. | System, method and computer program product for context-driven behavioral heuristics |
US20060173704A1 (en) * | 2005-01-31 | 2006-08-03 | Abet Technologies, Llc | Secure computer system |
KR100666947B1 (en) * | 2005-02-01 | 2007-01-10 | 삼성전자주식회사 | Network Access Method of WLAN Terminal And Network system thereof |
US8059551B2 (en) * | 2005-02-15 | 2011-11-15 | Raytheon Bbn Technologies Corp. | Method for source-spoofed IP packet traceback |
US7346611B2 (en) * | 2005-04-12 | 2008-03-18 | Webroot Software, Inc. | System and method for accessing data from a data storage medium |
US7565695B2 (en) * | 2005-04-12 | 2009-07-21 | Webroot Software, Inc. | System and method for directly accessing data from a data storage medium |
US20060253908A1 (en) * | 2005-05-03 | 2006-11-09 | Tzu-Jian Yang | Stateful stack inspection anti-virus and anti-intrusion firewall system |
US7854007B2 (en) * | 2005-05-05 | 2010-12-14 | Ironport Systems, Inc. | Identifying threats in electronic messages |
US20060271597A1 (en) * | 2005-05-31 | 2006-11-30 | Microsoft Corporation | Code-enabled/code-free files |
US8452744B2 (en) * | 2005-06-06 | 2013-05-28 | Webroot Inc. | System and method for analyzing locked files |
US20060277183A1 (en) * | 2005-06-06 | 2006-12-07 | Tony Nichols | System and method for neutralizing locked pestware files |
US20090144826A2 (en) * | 2005-06-30 | 2009-06-04 | Webroot Software, Inc. | Systems and Methods for Identifying Malware Distribution |
US20070016951A1 (en) * | 2005-07-13 | 2007-01-18 | Piccard Paul L | Systems and methods for identifying sources of malware |
US7873998B1 (en) * | 2005-07-19 | 2011-01-18 | Trustwave Holdings, Inc. | Rapidly propagating threat detection |
US8272058B2 (en) | 2005-07-29 | 2012-09-18 | Bit 9, Inc. | Centralized timed analysis in a network security system |
US7895651B2 (en) | 2005-07-29 | 2011-02-22 | Bit 9, Inc. | Content tracking in a network security system |
US8984636B2 (en) | 2005-07-29 | 2015-03-17 | Bit9, Inc. | Content extractor and analysis system |
US20070067842A1 (en) * | 2005-08-08 | 2007-03-22 | Greene Michael P | Systems and methods for collecting files related to malware |
US8166547B2 (en) * | 2005-09-06 | 2012-04-24 | Fortinet, Inc. | Method, apparatus, signals, and medium for managing a transfer of data in a data network |
US8060747B1 (en) | 2005-09-12 | 2011-11-15 | Microsoft Corporation | Digital signatures for embedded code |
WO2007034535A1 (en) * | 2005-09-20 | 2007-03-29 | Gideon Corp. | Network device, data relaying method, and program |
US20070074289A1 (en) * | 2005-09-28 | 2007-03-29 | Phil Maddaloni | Client side exploit tracking |
US20070073792A1 (en) * | 2005-09-28 | 2007-03-29 | Tony Nichols | System and method for removing residual data from memory |
US20070094496A1 (en) * | 2005-10-25 | 2007-04-26 | Michael Burtscher | System and method for kernel-level pestware management |
US7996898B2 (en) * | 2005-10-25 | 2011-08-09 | Webroot Software, Inc. | System and method for monitoring events on a computer to reduce false positive indication of pestware |
US20070094733A1 (en) * | 2005-10-26 | 2007-04-26 | Wilson Michael C | System and method for neutralizing pestware residing in executable memory |
US20070094726A1 (en) * | 2005-10-26 | 2007-04-26 | Wilson Michael C | System and method for neutralizing pestware that is loaded by a desirable process |
US20070118532A1 (en) * | 2005-11-22 | 2007-05-24 | Ping-Piao Lu | Method and system for providing system security services |
US8375120B2 (en) * | 2005-11-23 | 2013-02-12 | Trend Micro Incorporated | Domain name system security network |
US7926108B2 (en) * | 2005-11-23 | 2011-04-12 | Trend Micro Incorporated | SMTP network security processing in a transparent relay in a computer network |
US20080281772A2 (en) * | 2005-11-30 | 2008-11-13 | Webroot Software, Inc. | System and method for managing access to storage media |
US8812667B1 (en) * | 2005-12-21 | 2014-08-19 | Trend Micro Incorporated | CIFS proxies for scanning protection |
US9008075B2 (en) | 2005-12-22 | 2015-04-14 | Genesys Telecommunications Laboratories, Inc. | System and methods for improving interaction routing performance |
US7716472B2 (en) * | 2005-12-29 | 2010-05-11 | Bsecure Technologies, Inc. | Method and system for transparent bridging and bi-directional management of network data |
US7904759B2 (en) * | 2006-01-11 | 2011-03-08 | Amazon Technologies, Inc. | System and method for service availability management |
US20070168694A1 (en) * | 2006-01-18 | 2007-07-19 | Phil Maddaloni | System and method for identifying and removing pestware using a secondary operating system |
US8255992B2 (en) * | 2006-01-18 | 2012-08-28 | Webroot Inc. | Method and system for detecting dependent pestware objects on a computer |
US7844829B2 (en) * | 2006-01-18 | 2010-11-30 | Sybase, Inc. | Secured database system with built-in antivirus protection |
US7721333B2 (en) * | 2006-01-18 | 2010-05-18 | Webroot Software, Inc. | Method and system for detecting a keylogger on a computer |
US8418245B2 (en) * | 2006-01-18 | 2013-04-09 | Webroot Inc. | Method and system for detecting obfuscatory pestware in a computer memory |
US20070168285A1 (en) * | 2006-01-18 | 2007-07-19 | Jurijs Girtakovskis | Systems and methods for neutralizing unauthorized attempts to monitor user activity |
US20070169198A1 (en) * | 2006-01-18 | 2007-07-19 | Phil Madddaloni | System and method for managing pestware affecting an operating system of a computer |
US7937758B2 (en) * | 2006-01-25 | 2011-05-03 | Symantec Corporation | File origin determination |
US8601160B1 (en) | 2006-02-09 | 2013-12-03 | Mcafee, Inc. | System, method and computer program product for gathering information relating to electronic content utilizing a DNS server |
CA2677525A1 (en) * | 2006-02-14 | 2007-08-23 | Message Level, Llc | Method for predelivery verification of an intended recipient of an electronic message and dynamic generation of message content upon verification |
US8190902B2 (en) * | 2006-02-27 | 2012-05-29 | Microsoft Corporation | Techniques for digital signature formation and verification |
US8205087B2 (en) * | 2006-02-27 | 2012-06-19 | Microsoft Corporation | Tool for digitally signing multiple documents |
US20070203884A1 (en) * | 2006-02-28 | 2007-08-30 | Tony Nichols | System and method for obtaining file information and data locations |
US8041946B2 (en) * | 2006-02-28 | 2011-10-18 | The Boeing Company | Data transfer between networks operating at different security levels |
US20070266433A1 (en) * | 2006-03-03 | 2007-11-15 | Hezi Moore | System and Method for Securing Information in a Virtual Computing Environment |
US7979439B1 (en) | 2006-03-14 | 2011-07-12 | Amazon Technologies, Inc. | Method and system for collecting and analyzing time-series data |
US8601112B1 (en) * | 2006-03-14 | 2013-12-03 | Amazon Technologies, Inc. | Method and system for collecting and analyzing time-series data |
US9037698B1 (en) | 2006-03-14 | 2015-05-19 | Amazon Technologies, Inc. | Method and system for collecting and analyzing time-series data |
US20070226800A1 (en) * | 2006-03-22 | 2007-09-27 | Tony Nichols | Method and system for denying pestware direct drive access |
US8079032B2 (en) * | 2006-03-22 | 2011-12-13 | Webroot Software, Inc. | Method and system for rendering harmless a locked pestware executable object |
US8769690B2 (en) * | 2006-03-24 | 2014-07-01 | AVG Netherlands B.V. | Protection from malicious web content |
US8181244B2 (en) * | 2006-04-20 | 2012-05-15 | Webroot Inc. | Backward researching time stamped events to find an origin of pestware |
US20070250818A1 (en) * | 2006-04-20 | 2007-10-25 | Boney Matthew L | Backwards researching existing pestware |
US20070261117A1 (en) * | 2006-04-20 | 2007-11-08 | Boney Matthew L | Method and system for detecting a compressed pestware executable object |
US8201243B2 (en) * | 2006-04-20 | 2012-06-12 | Webroot Inc. | Backwards researching activity indicative of pestware |
US7735139B1 (en) | 2006-05-17 | 2010-06-08 | Trend Micro Incorporated | In-line scanning of network data in an asymmetric routing environment |
US20070294396A1 (en) * | 2006-06-15 | 2007-12-20 | Krzaczynski Eryk W | Method and system for researching pestware spread through electronic messages |
US20080010326A1 (en) * | 2006-06-15 | 2008-01-10 | Carpenter Troy A | Method and system for securely deleting files from a computer storage device |
US20070294767A1 (en) * | 2006-06-20 | 2007-12-20 | Paul Piccard | Method and system for accurate detection and removal of pestware |
US20070300303A1 (en) * | 2006-06-21 | 2007-12-27 | Greene Michael P | Method and system for removing pestware from a computer |
US7802303B1 (en) | 2006-06-30 | 2010-09-21 | Trend Micro Incorporated | Real-time in-line detection of malicious code in data streams |
JP2008016994A (en) * | 2006-07-04 | 2008-01-24 | Ftl International:Kk | Secure mail system |
US8631494B2 (en) * | 2006-07-06 | 2014-01-14 | Imation Corp. | Method and device for scanning data for signatures prior to storage in a storage device |
FI20060665A0 (en) * | 2006-07-07 | 2006-07-07 | Nokia Corp | deviation detection |
US7996903B2 (en) | 2006-07-07 | 2011-08-09 | Webroot Software, Inc. | Method and system for detecting and removing hidden pestware files |
US8056133B1 (en) * | 2006-07-26 | 2011-11-08 | Trend Micro Incorporated | Protecting computers from viruses in peer-to-peer data transfers |
US8578495B2 (en) * | 2006-07-26 | 2013-11-05 | Webroot Inc. | System and method for analyzing packed files |
US20080028466A1 (en) * | 2006-07-26 | 2008-01-31 | Michael Burtscher | System and method for retrieving information from a storage medium |
US20080028462A1 (en) * | 2006-07-26 | 2008-01-31 | Michael Burtscher | System and method for loading and analyzing files |
US8171550B2 (en) * | 2006-08-07 | 2012-05-01 | Webroot Inc. | System and method for defining and detecting pestware with function parameters |
US7590707B2 (en) * | 2006-08-07 | 2009-09-15 | Webroot Software, Inc. | Method and system for identifying network addresses associated with suspect network destinations |
US8190868B2 (en) | 2006-08-07 | 2012-05-29 | Webroot Inc. | Malware management through kernel detection |
US8065664B2 (en) * | 2006-08-07 | 2011-11-22 | Webroot Software, Inc. | System and method for defining and detecting pestware |
US7769992B2 (en) | 2006-08-18 | 2010-08-03 | Webroot Software, Inc. | File manipulation during early boot time |
US20080127352A1 (en) * | 2006-08-18 | 2008-05-29 | Min Wang | System and method for protecting a registry of a computer |
US20080071770A1 (en) * | 2006-09-18 | 2008-03-20 | Nokia Corporation | Method, Apparatus and Computer Program Product for Viewing a Virtual Database Using Portable Devices |
US7971054B1 (en) * | 2006-09-19 | 2011-06-28 | Bsecure Technologies, Inc. | Method of and system for real-time form and content classification of data streams for filtering applications |
US7941830B1 (en) | 2006-11-01 | 2011-05-10 | Trend Micro Incorporated | Authentication protocol for network security services |
US8091134B2 (en) * | 2006-11-29 | 2012-01-03 | Lenovo (Singapore) Pte. Ltd. | System and method for autonomic peer-to-peer virus inoculation |
US7992206B1 (en) | 2006-12-14 | 2011-08-02 | Trend Micro Incorporated | Pre-scanner for inspecting network traffic for computer viruses |
JP4512083B2 (en) * | 2006-12-20 | 2010-07-28 | トレンドマイクロ株式会社 | Ensuring security on the transmission path for programs provided to communication terminals via the network |
CN101212469A (en) * | 2006-12-28 | 2008-07-02 | 朗迅科技公司 | Antivirus system for IMS network |
US20080229416A1 (en) * | 2007-01-09 | 2008-09-18 | G. K. Webb Services Llc | Computer Network Virus Protection System and Method |
US20090328193A1 (en) * | 2007-07-20 | 2009-12-31 | Hezi Moore | System and Method for Implementing a Virtualized Security Platform |
US8850587B2 (en) * | 2007-05-04 | 2014-09-30 | Wipro Limited | Network security scanner for enterprise protection |
US8127358B1 (en) | 2007-05-30 | 2012-02-28 | Trend Micro Incorporated | Thin client for computer security applications |
US8402529B1 (en) | 2007-05-30 | 2013-03-19 | M86 Security, Inc. | Preventing propagation of malicious software during execution in a virtual machine |
US8863286B1 (en) * | 2007-06-05 | 2014-10-14 | Sonicwall, Inc. | Notification for reassembly-free file scanning |
US9100319B2 (en) | 2007-08-10 | 2015-08-04 | Fortinet, Inc. | Context-aware pattern matching accelerator |
US8286246B2 (en) | 2007-08-10 | 2012-10-09 | Fortinet, Inc. | Circuits and methods for efficient data transfer in a virus co-processing system |
US8079084B1 (en) | 2007-08-10 | 2011-12-13 | Fortinet, Inc. | Virus co-processor instructions and methods for using such |
US8375449B1 (en) | 2007-08-10 | 2013-02-12 | Fortinet, Inc. | Circuits and methods for operating a virus co-processor |
EP2031816B1 (en) * | 2007-08-29 | 2012-02-22 | NTT DoCoMo, Inc. | Optimal operation of hierarchical peer-to-peer networks |
US7783666B1 (en) | 2007-09-26 | 2010-08-24 | Netapp, Inc. | Controlling access to storage resources by using access pattern based quotas |
US8959624B2 (en) * | 2007-10-31 | 2015-02-17 | Bank Of America Corporation | Executable download tracking system |
US8019856B1 (en) | 2007-11-07 | 2011-09-13 | Trend Micro Incorporated | Automatic mapping and location discovery of computers in computer networks |
US9100246B1 (en) * | 2008-06-19 | 2015-08-04 | Symantec Corporation | Distributed application virtualization |
US8230510B1 (en) | 2008-10-02 | 2012-07-24 | Trend Micro Incorporated | Scanning computer data for malicious codes using a remote server computer |
US9292689B1 (en) | 2008-10-14 | 2016-03-22 | Trend Micro Incorporated | Interactive malicious code detection over a computer network |
US8087081B1 (en) | 2008-11-05 | 2011-12-27 | Trend Micro Incorporated | Selection of remotely located servers for computer security operations |
GB0822619D0 (en) * | 2008-12-11 | 2009-01-21 | Scansafe Ltd | Malware detection |
US20100263048A1 (en) * | 2009-04-14 | 2010-10-14 | Chih-Jen Chang | Malware prevention method and system in a peer-to-peer environment |
US11489857B2 (en) | 2009-04-21 | 2022-11-01 | Webroot Inc. | System and method for developing a risk profile for an internet resource |
US8930805B2 (en) * | 2009-07-24 | 2015-01-06 | Bank Of America Corporation | Browser preview |
US9032412B1 (en) | 2009-12-31 | 2015-05-12 | Lenovoemc Limited | Resource allocation based on active folder activity |
US9594602B1 (en) | 2009-12-31 | 2017-03-14 | Lenovoemc Limited | Active folders |
US9959150B1 (en) * | 2009-12-31 | 2018-05-01 | Lenovoemc Limited | Centralized file action based on active folders |
US8793789B2 (en) | 2010-07-22 | 2014-07-29 | Bank Of America Corporation | Insider threat correlation tool |
US8782209B2 (en) | 2010-01-26 | 2014-07-15 | Bank Of America Corporation | Insider threat correlation tool |
US8800034B2 (en) | 2010-01-26 | 2014-08-05 | Bank Of America Corporation | Insider threat correlation tool |
US9038187B2 (en) * | 2010-01-26 | 2015-05-19 | Bank Of America Corporation | Insider threat correlation tool |
JP5749053B2 (en) * | 2010-03-31 | 2015-07-15 | 株式会社ブロードバンドセキュリティ | File upload blocking system and file upload blocking method |
US8782794B2 (en) | 2010-04-16 | 2014-07-15 | Bank Of America Corporation | Detecting secure or encrypted tunneling in a computer network |
US8544100B2 (en) | 2010-04-16 | 2013-09-24 | Bank Of America Corporation | Detecting secure or encrypted tunneling in a computer network |
US8856534B2 (en) * | 2010-05-21 | 2014-10-07 | Intel Corporation | Method and apparatus for secure scan of data storage device from remote server |
US8713945B2 (en) | 2010-06-29 | 2014-05-06 | Nuovo Pignone S.P.A. | Liner aft end support mechanisms and spring loaded liner stop mechanisms |
RU2449348C1 (en) | 2010-11-01 | 2012-04-27 | Закрытое акционерное общество "Лаборатория Касперского" | System and method for virus-checking data downloaded from network at server side |
US8527760B2 (en) | 2011-01-25 | 2013-09-03 | International Business Machines Corporation | Determining trust data for devices in a network |
US9405902B1 (en) | 2011-03-15 | 2016-08-02 | Trend Micro Incorporated | Anti-malware service in multi-tenant cloud computing environments |
US8601583B1 (en) | 2011-04-14 | 2013-12-03 | Trend Micro Incorporated | Certification of virtual machine images in cloud computing environments |
CN102209039B (en) * | 2011-06-27 | 2015-05-06 | 华为数字技术(成都)有限公司 | Method and equipment for transmitting file |
US9003532B2 (en) * | 2011-09-15 | 2015-04-07 | Raytheon Company | Providing a network-accessible malware analysis |
US9411585B2 (en) | 2011-09-16 | 2016-08-09 | International Business Machines Corporation | Multi-addressable register files and format conversions associated therewith |
US9754105B1 (en) | 2012-09-25 | 2017-09-05 | Malwarebytes Corporation | Preventing the successful exploitation of software application vulnerability for malicious purposes |
US9716727B1 (en) | 2014-09-30 | 2017-07-25 | Palo Alto Networks, Inc. | Generating a honey network configuration to emulate a target network environment |
US9860208B1 (en) | 2014-09-30 | 2018-01-02 | Palo Alto Networks, Inc. | Bridging a virtual clone of a target device in a honey network to a suspicious device in an enterprise network |
US9882929B1 (en) | 2014-09-30 | 2018-01-30 | Palo Alto Networks, Inc. | Dynamic selection and generation of a virtual clone for detonation of suspicious content within a honey network |
US9495188B1 (en) | 2014-09-30 | 2016-11-15 | Palo Alto Networks, Inc. | Synchronizing a honey network configuration to reflect a target network environment |
US10044675B1 (en) | 2014-09-30 | 2018-08-07 | Palo Alto Networks, Inc. | Integrating a honey network with a target network to counter IP and peer-checking evasion techniques |
JP6199506B2 (en) * | 2014-11-27 | 2017-09-20 | 国立大学法人 千葉大学 | Server system and method for controlling a plurality of service systems |
JP2016115072A (en) * | 2014-12-12 | 2016-06-23 | Necフィールディング株式会社 | Suspicious file collection device, malware detection system, and malware detection method |
KR102111723B1 (en) * | 2016-01-27 | 2020-05-15 | 한국전자통신연구원 | System and method for one-way file transmission |
WO2018004572A1 (en) | 2016-06-29 | 2018-01-04 | Sophos Limited | Sandbox environment for document preview and analysis |
US10902125B2 (en) * | 2017-04-06 | 2021-01-26 | Walmart Apollo, Llc | Infected file detection and quarantine system |
EP3742661A1 (en) * | 2019-05-24 | 2020-11-25 | Nederlandse Organisatie voor toegepast- natuurwetenschappelijk Onderzoek TNO | Encrypted data communication and gateway device for encrypted data communication |
US11271907B2 (en) | 2019-12-19 | 2022-03-08 | Palo Alto Networks, Inc. | Smart proxy for a large scale high-interaction honeypot farm |
US11265346B2 (en) | 2019-12-19 | 2022-03-01 | Palo Alto Networks, Inc. | Large scale high-interactive honeypot farm |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0666671A1 (en) * | 1994-02-01 | 1995-08-09 | Dassault Automatismes Et Telecommunications | Communication in digital network with anti-virus |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4975950A (en) * | 1988-11-03 | 1990-12-04 | Lentz Stephen A | System and method of protecting integrity of computer data and software |
JP2887806B2 (en) * | 1989-08-18 | 1999-05-10 | 富士ゼロックス株式会社 | Network system and mail gateway |
US5319776A (en) * | 1990-04-19 | 1994-06-07 | Hilgraeve Corporation | In transit detection of computer virus with safeguard |
DK170490B1 (en) * | 1992-04-28 | 1995-09-18 | Multi Inform As | Data Processing Plant |
JPH06110718A (en) * | 1992-09-30 | 1994-04-22 | Toshiba Corp | Virus protection system |
JP2501771B2 (en) * | 1993-01-19 | 1996-05-29 | インターナショナル・ビジネス・マシーンズ・コーポレイション | Method and apparatus for obtaining multiple valid signatures of an unwanted software entity |
US5440723A (en) * | 1993-01-19 | 1995-08-08 | International Business Machines Corporation | Automatic immune system for computers and computer networks |
JPH06350784A (en) * | 1993-06-08 | 1994-12-22 | Ricoh Co Ltd | Facsimile equipment |
US5448668A (en) * | 1993-07-08 | 1995-09-05 | Perelson; Alan S. | Method of detecting changes to a collection of digital signals |
US5444850A (en) * | 1993-08-04 | 1995-08-22 | Trend Micro Devices Incorporated | Method and apparatus for controlling network and workstation access prior to workstation boot |
JP3281137B2 (en) * | 1993-09-21 | 2002-05-13 | 株式会社東芝 | Data communication system and data communication method |
US5414833A (en) * | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
GB2283341A (en) * | 1993-10-29 | 1995-05-03 | Sophos Plc | Central virus checker for computer network. |
US5485575A (en) * | 1994-11-21 | 1996-01-16 | International Business Machines Corporation | Automatic analysis of a computer virus structure and means of attachment to its hosts |
US5491791A (en) * | 1995-01-13 | 1996-02-13 | International Business Machines Corporation | System and method for remote workstation monitoring within a distributed computing environment |
-
1995
- 1995-09-26 US US08/533,706 patent/US5623600A/en not_active Expired - Lifetime
-
1996
- 1996-09-25 DE DE19680539T patent/DE19680539T1/en not_active Withdrawn
- 1996-09-25 WO PCT/US1996/015348 patent/WO1997012321A1/en not_active Application Discontinuation
- 1996-09-25 JP JP9506029A patent/JPH11513153A/en active Pending
- 1996-09-25 EP EP96933128A patent/EP0852762A1/en not_active Withdrawn
- 1996-09-25 AU AU20019/97A patent/AU2001997A/en not_active Abandoned
- 1996-09-25 GB GB9626395A patent/GB2309561A/en not_active Withdrawn
-
2004
- 2004-08-02 JP JP2004225912A patent/JP2005011369A/en active Pending
-
2007
- 2007-12-19 JP JP2007327067A patent/JP4778950B2/en not_active Expired - Lifetime
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0666671A1 (en) * | 1994-02-01 | 1995-08-09 | Dassault Automatismes Et Telecommunications | Communication in digital network with anti-virus |
Non-Patent Citations (3)
Title |
---|
BELLOVIN S M ET AL: "NETWORK FIREWALLS", IEEE COMMUNICATIONS MAGAZINE, vol. 32, no. 9, 1 September 1994 (1994-09-01), pages 50 - 57, XP000476555 * |
SALAMONE S: "A MAGIC BULLET FOR NETWARE VIRUSES UNTOUCHABLE NETWORK NLM CAN DETECT AND ELIMINATE KNOWN AND UNKNOWN VIRUSES FROM NETWARE SERVERS", DATA COMMUNICATIONS, vol. 21, no. 18, 1 December 1992 (1992-12-01), pages 45, 46, XP000330984 * |
TED DOTY: "A FIREWALL OVERVIEW", CONNEXIONS, vol. 9, no. 7, 1 July 1995 (1995-07-01), pages 20 - 23, XP000564023 * |
Cited By (61)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2316206B (en) * | 1996-08-09 | 1998-10-21 | Apm Ltd | A computer end user system having an isolated location for executing mobile program components from an incoming data stream |
US6065118A (en) * | 1996-08-09 | 2000-05-16 | Citrix Systems, Inc. | Mobile code isolation cage |
GB2316206A (en) * | 1996-08-09 | 1998-02-18 | Apm Ltd | Running programs in a controlled manner |
EP1010059A4 (en) * | 1996-09-05 | 2000-06-21 | Cheyenne Software Int Sales | Anti-virus agent for use with databases and mail servers |
EP1010059A2 (en) * | 1996-09-05 | 2000-06-21 | Cheyenne Software International Sales Corp. | Anti-virus agent for use with databases and mail servers |
EP0939929A4 (en) * | 1997-07-01 | 2007-01-10 | Progress Software Corp | Testing and debugging tool for network applications |
WO1999001819A1 (en) | 1997-07-01 | 1999-01-14 | Progress Software Corporation | Testing and debugging tool for network applications |
EP0939929A1 (en) * | 1997-07-01 | 1999-09-08 | Progress Software Corporation | Testing and debugging tool for network applications |
JPH11119991A (en) * | 1997-10-17 | 1999-04-30 | Nec Corp | Automatic computer virus detection system using hook system |
AU698938B3 (en) * | 1998-08-07 | 1998-11-12 | Compucat Research Pty Limited | Data transfer |
US10552603B2 (en) | 2000-05-17 | 2020-02-04 | Finjan, Inc. | Malicious mobile code runtime monitoring system and methods |
US7236769B2 (en) | 2000-09-29 | 2007-06-26 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
EP1783973A3 (en) * | 2000-09-29 | 2007-08-08 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using an intermediate server |
US7761498B2 (en) | 2000-09-29 | 2010-07-20 | Google Inc. | Electronic document policy compliance techniques |
EP1329117A4 (en) * | 2000-09-29 | 2005-06-08 | Postini Corp | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
US7133660B2 (en) | 2000-09-29 | 2006-11-07 | Postini, Inc. | E-mail filtering services and e-mail service enrollment techniques |
US7277695B2 (en) | 2000-09-29 | 2007-10-02 | Postini, Inc. | E-mail policy compliance techniques |
US7272378B2 (en) | 2000-09-29 | 2007-09-18 | Postini, Inc. | E-mail filtering services using Internet protocol routing information |
EP1329117A1 (en) * | 2000-09-29 | 2003-07-23 | Postini Corporation | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
US7428410B2 (en) | 2000-09-29 | 2008-09-23 | Google Inc. | Value-added electronic messaging services having web-based user accessible message center |
EP1724979A3 (en) * | 2000-09-29 | 2007-04-11 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
EP1783973A2 (en) * | 2000-09-29 | 2007-05-09 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
US7254833B1 (en) | 2000-11-09 | 2007-08-07 | Accenture Llp | Electronic security system and scheme for a communications network |
EP1734722A3 (en) * | 2000-11-09 | 2007-03-07 | Accenture LLP | Electronic security system and scheme for a communication network |
EP1734722A2 (en) * | 2000-11-09 | 2006-12-20 | Accenture LLP | Electronic security system and scheme for a communication network |
US7739729B2 (en) | 2000-11-09 | 2010-06-15 | Accenture Llp | Electronic security system and scheme for a communications network |
KR20030000584A (en) * | 2001-06-26 | 2003-01-06 | (주)넥센 | Computer virus nonproliferation type system and method for processing a electronic mail |
US7146642B1 (en) | 2001-06-29 | 2006-12-05 | Mcafee, Inc. | System, method and computer program product for detecting modifications to risk assessment scanning caused by an intermediate device |
KR20030020150A (en) * | 2001-09-03 | 2003-03-08 | 주식회사 비즈모델라인 | Method and system for eliminating worm viruses by reverse tracking of their traces with anti-worm vaccine |
US8769020B2 (en) | 2002-02-19 | 2014-07-01 | Google, Inc. | Systems and methods for managing the transmission of electronic messages via message source data |
US8725889B2 (en) | 2002-02-19 | 2014-05-13 | Google Inc. | E-mail management services |
US7603472B2 (en) | 2003-02-19 | 2009-10-13 | Google Inc. | Zero-minute virus and spam detection |
US7958187B2 (en) | 2003-02-19 | 2011-06-07 | Google Inc. | Systems and methods for managing directory harvest attacks via electronic messages |
US7647321B2 (en) | 2004-04-26 | 2010-01-12 | Google Inc. | System and method for filtering electronic messages using business heuristics |
US8321432B2 (en) | 2004-04-26 | 2012-11-27 | Google Inc. | System and method for filtering electronic messages using business heuristics |
US8001268B2 (en) | 2004-05-25 | 2011-08-16 | Google Inc. | Source reputation information system with router-level filtering of electronic messages |
US7668951B2 (en) | 2004-05-25 | 2010-02-23 | Google Inc. | Electronic message source reputation information system |
US8037144B2 (en) | 2004-05-25 | 2011-10-11 | Google Inc. | Electronic message source reputation information system |
US7788359B2 (en) | 2004-05-25 | 2010-08-31 | Google Inc. | Source reputation information system with blocking of TCP connections from sources of electronic messages |
US7792909B2 (en) | 2004-05-25 | 2010-09-07 | Google Inc. | Electronic message source reputation information system |
GB2452473A (en) * | 2004-09-17 | 2009-03-11 | Jeroen Oostendorp | E-mail filter with pre-filtering |
EP1641202A3 (en) * | 2004-09-17 | 2006-04-19 | Jeroen Oostendorp | Platform for intelligent email distribution |
EP1641202A2 (en) * | 2004-09-17 | 2006-03-29 | Jeroen Oostendorp | Platform for intelligent email distribution |
US7761915B2 (en) | 2005-12-28 | 2010-07-20 | Zyxel Communications Corp. | Terminal and related computer-implemented method for detecting malicious data for computer network |
US7895657B2 (en) | 2006-05-05 | 2011-02-22 | Broadcom Corporation | Switching network employing virus detection |
US7948977B2 (en) | 2006-05-05 | 2011-05-24 | Broadcom Corporation | Packet routing with payload analysis, encapsulation and service module vectoring |
US7751397B2 (en) | 2006-05-05 | 2010-07-06 | Broadcom Corporation | Switching network employing a user challenge mechanism to counter denial of service attacks |
US7596137B2 (en) | 2006-05-05 | 2009-09-29 | Broadcom Corporation | Packet routing and vectoring based on payload comparison with spatially related templates |
EP1853035A1 (en) * | 2006-05-05 | 2007-11-07 | Broadcom Corporation | Switching network employing server quarantine functionality |
US8072976B2 (en) | 2006-05-05 | 2011-12-06 | Broadcom Corporation | Packet routing and vectoring based on payload comparison with spatially related templates |
EP1853022A1 (en) * | 2006-05-05 | 2007-11-07 | Broadcom Corporation | Switching network employing virus detection |
EP1853024A1 (en) * | 2006-05-05 | 2007-11-07 | Broadcom Corporation | Switching network employing adware quarantine techniques |
US8223965B2 (en) | 2006-05-05 | 2012-07-17 | Broadcom Corporation | Switching network supporting media rights management |
WO2008054952A2 (en) * | 2006-10-30 | 2008-05-08 | At & T Corp. | Method and apparatus for providing network based end-device protection |
WO2008054952A3 (en) * | 2006-10-30 | 2008-06-26 | At & T Corp | Method and apparatus for providing network based end-device protection |
CN103283188A (en) * | 2010-10-07 | 2013-09-04 | 法国电力公司 | Method and device for the secure transfer of data |
FR2965997A1 (en) * | 2010-10-07 | 2012-04-13 | Electricite De France | METHOD AND DEVICE FOR SECURE TRANSFER OF DATA |
WO2012045984A1 (en) * | 2010-10-07 | 2012-04-12 | Electricite De France | Method and device for the secure transfer of data |
US8977846B2 (en) | 2010-10-07 | 2015-03-10 | Electricite De France | Method and device for the secure transfer of data |
AU2011311348B2 (en) * | 2010-10-07 | 2015-07-09 | Electricite De France | Method and device for the secure transfer of data |
RU2559766C2 (en) * | 2010-10-07 | 2015-08-10 | Электрисите Де Франс | Device and method for safe data transfer |
Also Published As
Publication number | Publication date |
---|---|
JP2008171415A (en) | 2008-07-24 |
JP2005011369A (en) | 2005-01-13 |
AU2001997A (en) | 1997-04-17 |
US5623600A (en) | 1997-04-22 |
JP4778950B2 (en) | 2011-09-21 |
EP0852762A1 (en) | 1998-07-15 |
JPH11513153A (en) | 1999-11-09 |
GB9626395D0 (en) | 1997-02-05 |
DE19680539T1 (en) | 1997-12-11 |
GB2309561A (en) | 1997-07-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5623600A (en) | Virus detection and removal apparatus for computer networks | |
US5889943A (en) | Apparatus and method for electronic mail virus detection and elimination | |
JP4734592B2 (en) | Method and system for providing secure access to private network by client redirection | |
US6324574B1 (en) | Relay server for unsigned applets | |
US6490626B1 (en) | Browser system | |
AU711280B2 (en) | Systems and methods for executing application programs from a memory device linked to a server | |
US8412854B2 (en) | Secure communication port redirector | |
US5941954A (en) | Network message redirection | |
US20070005765A1 (en) | Network access control using network address translation | |
US9065725B1 (en) | Techniques for virtual environment-based web client management | |
US7389540B2 (en) | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer | |
JPH11353258A (en) | Method and device for fire wall security | |
CN1265309C (en) | Method accessing data bank through protocol agency mode | |
US6216101B1 (en) | Server and terminal emulator for persistent connection to a legacy host system with client token authentication | |
CN111988292B (en) | Method, device and system for accessing Internet by intranet terminal | |
US7613793B2 (en) | Method and system for providing a web service by a plurality of web domains through a single IP address | |
JP2004512612A (en) | Method and system for protecting pervasive devices and servers from virus exchange | |
EP1330082A2 (en) | Computer network for providing services controlled by e-mail | |
US20020169879A1 (en) | Method and apparatus for firewall-evading stealth protocol | |
AU3375100A (en) | An electronic parcel delivery system | |
JP2003324460A (en) | Method for displaying error message in access control and gateway device | |
Davis et al. | Socket Programming |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
ENP | Entry into the national phase |
Ref document number: 1997 506029 Country of ref document: JP Kind code of ref document: A |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AL AM AT AU AZ BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE HU IL IS JP KE KG KP KR KZ LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK TJ TM TR TT UA UG UZ VN AM AZ BY KG KZ MD RU TJ TM |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): KE LS MW SD SZ UG AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
RET | De translation (de og part 6b) |
Ref document number: 19680539 Country of ref document: DE Date of ref document: 19971211 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 19680539 Country of ref document: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1996933128 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1996933128 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: CA |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1996933128 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: GB Free format text: 19960925 A 9626395 |