Malicious mobile code runtime monitoring system and methods
DC CAFCFirst Claim
1. A computer-based method, comprising the steps of:
- receiving an incoming Downloadable;
deriving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable;
appending a representation of the Downloadable security profile data to the Downloadable, to generate an appended Downloadable; and
transmitting the appended Downloadable to a destination computer.
6 Assignments
Litigations
4 Petitions
Reexaminations
Accused Products
Abstract
Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java TN applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides, within a server, firewall or other suitable “recommunicator,” for monitoring information received by the communicator, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information, more suitably by forming a protection agent including the MPC, protection policies and a detected-Downloadable. An MPC embodiment further provides, within a Downloadable-destination, for initiating the Downloadable, enabling malicious Downloadable operation attempts to be received by the MPC, and causing (predetermined) corresponding operations to be executed in response to the attempts, more suitably in conjunction with protection policies.
96 Citations
42 Claims
-
1. A computer-based method, comprising the steps of:
-
receiving an incoming Downloadable; deriving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; appending a representation of the Downloadable security profile data to the Downloadable, to generate an appended Downloadable; and transmitting the appended Downloadable to a destination computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for managing Downloadables, comprising:
-
a receiver for receiving an incoming Downloadable; a Downloadable scanner coupled with said receiver for deriving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; a file appender coupled with said Downloadable scanner, for appending a representation of the Downloadable security profile data to the Downloadable, to generate an appended Downloadable; and a transmitter coupled with said file appender, for transmitting the appended Downloadable to a destination computer. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer-based method, comprising the steps of:
-
receiving an incoming Downloadable; deriving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; and transmitting the Downloadable and a representation of the Downloadable security profile data to a destination computer, via a transport protocol transmission. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A system for managing Downloadables, comprising:
-
a receiver for receiving an incoming Downloadable; a Downloadable scanner coupled with said receiver, for deriving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; and a transmitter coupled with said receiver and with said Downloadable scanner, for transmitting the Downloadable and a representation of the Downloadable security profile data to a destination computer, via a transport protocol transmission. - View Dependent Claims (25, 26, 27, 28, 29, 30)
-
-
31. A computer-based method, comprising the steps of:
-
receiving an incoming Downloadable; receiving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; appending a representation of the Downloadable security profile data to the Downloadable, to generate an appended Downloadable; and transmitting the appended Downloadable to a destination computer. - View Dependent Claims (32)
-
-
33. A system for managing Downloadables, comprising:
-
a receiver for receiving an incoming Downloadable, and for receiving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; a file appender coupled with said receiver for appending a representation of the Downloadable security profile data to the Downloadable, to generate an appended Downloadable; and a transmitter coupled with said file appender, for transmitting the appended Downloadable to a destination computer. - View Dependent Claims (34)
-
-
35. A computer-based method, comprising the steps of:
-
receiving an incoming Downloadable; receiving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; and transmitting the Downloadable and a representation of the Downloadable security profile data to a destination computer, via a transport protocol transmission. - View Dependent Claims (36)
-
-
37. A system for managing Downloadables, comprising:
-
a receiver for receiving an incoming Downloadable, and for receiving security profile data for the Downloadable, including a list of suspicious computer operations that may be attempted by the Downloadable; and a transmitter coupled with said receiver, for transmitting the Downloadable and a representation of the Downloadable security profile data to a destination computer, via a transport protocol transmission. - View Dependent Claims (38)
-
-
39. A computer-based method, comprising the steps of:
-
receiving an incoming Downloadable; retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on an ID of the incoming Downloadable, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; appending a representation of the retrieved Downloadable security profile data to the incoming Downloadable, to generate an appended Downloadable; and transmitting the appended Downloadable to a destination computer.
-
-
40. A system for managing Downloadables, comprising:
-
a receiver for receiving an incoming Downloadable; a database manager for retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on an ID of the incoming Downloadable, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; a file appender coupled with said receiver for appending a representation of the Downloadable security profile data to the incoming Downloadable, to generate an appended Downloadable; and a transmitter coupled with said file appender, for transmitting the appended Downloadable to a destination computer.
-
-
41. A computer-based method, comprising the steps of:
-
receiving an incoming Downloadable; retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on an ID of the incoming Downloadable, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; and transmitting the incoming Downloadable and a representation of the retrieved Downloadable security profile data to a destination computer, via a transport protocol transmission.
-
-
42. A system for managing Downloadables, comprising:
-
a receiver for receiving an incoming Downloadable; a database manager for retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on an ID of the incoming Downloadable, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; and a transmitter coupled with said receiver, for transmitting the incoming Downloadable and a representation of the retrieved Downloadable security profile data to a destination computer, via a transport protocol transmission.
-
Specification