Abstract:
When a file is created on a computer, an archive copy of that file is also created and separately stored. Upon a subsequent access to the active copy of that file, a comparison between the active copy and the full archived copy is made to detect any changes. If there are not any changes, then the active copy of the file is assumed to be clean from malicious alteration and the access request is permitted. If an alteration has been made and is detected, then further countermeasures are triggered, such as full virus scanning of that file or blocking of its use. This archiving and comparison technique may be selectively applied to a subset of file types, such as executable files and dynamic link libraries, which are known to be infrequently modified during normal user operations.
Abstract:
Received e-mail messages are subject to a minimum delay period determined in dependence upon characteristics of the e-mail message received. Prior to release of the e-mail message upon expiry of the minimum delay period a check is made that the most up-to-date anti-virus and anti-spamming tests have been applied to the e-mail message. Characteristics that may be used to determine the minimum delay period applied include sender characteristics, recipient characteristics, attachment type characteristics and message content type characteristics.
Abstract:
A method for defining an area to record changes made to a computer system is disclosed. The method includes defining a safe area on a primary storage device of the computer system and storing information on the location of the safe area on a secondary storage device. The method further includes booting the computer system utilizing a backup device and changing data on the primary storage device. The changes are recorded in the safe area of the primary storage device and are accessible when the computer system is booted from the backup device.
Abstract:
A source computer (2) having a copy of a computer file that it is desired to download to a plurality of target computers issues broadcast messages via a computer network linked to those target computers. The broadcast messages indicate the availability of the computer file for download and include a download qualifying parameter. The download qualifying parameter is used by receiving target computers to determine whether or not they qualify to attempt a download from the source computer in response to the received broadcast message. Only those target computers that do qualify attempt a download. The source computer monitors how many target computers make a download attempt in response to a particular broadcast message and adjusts the download qualifying parameters in subsequent broadcast messages so that the target computers progressively download the new computer file without overloading the source computer.
Abstract:
The present invention provides a load balancing device, computer program product, and method for balancing the load across a plurality of proxy devices arranged to perform malware scanning of files stored within a file storage device of a computer network. The computer network has a plurality of client devices arranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device. The load balancing device is arranged so as to intercept access requests issued to the file storage device, and comprises a client interface for receiving an access request issued to the file storage device using the dedicated file access protocol. Further, the load balancing device comprises load balancing logic for applying a predetermined load balancing routine to determine to which proxy device to direct the received access request, and a proxy device interface for sending the access request to the proxy device determined by the load balancing logic, each proxy device being coupled to the file storage device. This enables a very efficient system to be developed for performing malware scanning of files stored within the file storage device, whilst enabling that system to be developed independently of the particular file storage device being used in the computer network, or the operating system being run on that file storage device.
Abstract:
A computer virus scanning system is described in which during the scanning operation a measurement value indicative of the amount of data processing performed is calculated and this measurement value used to trigger breaks in the virus scanning operation. The triggered breaks can be used to perform a determination as to whether or not the virus scanning operations should be early terminated. One possibility is to measure the total size of the data processed during the virus scanning operation and calculate a ratio of this compared to the size of the computer file being virus scanned. If this calculated ratio exceeds a predetermined threshold, then virus scanning may be terminated. Another possibility is to associate a complexity value with each of a plurality of tests applied in the virus scanning operation. A total for these complexity values may be used to trigger the breaks and also to trigger early termination upon exceeding of respective threshold levels.
Abstract:
A method for defining an area to record changes made to a computer system is provided. A safe area is defined on a primary storage device of the computer system and information is stored on the location of the safe area on a secondary storage device. Further, the computer system is booted utilizing a backup device and data is changed on the primary storage device. The changes are recorded in the safe area of the primary storage device and are accessible when the computer system is booted from the backup device.
Abstract:
A software audit system is provided in conjunction with an anti-virus system. A computer virus scan request received by the anti-virus system (16) is used to trigger an audit data generator (18) to generate audit data. The audit data generator (18) may also serve to ban certain computer programs from execution and monitor the concurrent usage of other computer programs.
Abstract:
The present invention relates to a proxy device, computer program product and method for performing malware scanning of files stored within a file storage device of a computer network. The computer network has a plurality of client devices arranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device, with the proxy device being arranged so as to intercept access requests issued to the file storage device. The proxy device comprises a first interface for receiving an access request issued by one of the client devices to the file storage device using the dedicated file access protocol, and a second interface for communicating with the file storage device to cause the file storage device to process the access request. Further, processing logic is provided for causing selected malware scanning algorithms to be executed to determine whether the file identified by the access request is to be considered as malware. This approach removes the dependency of the malware scanning process on the operating system and/or vendor of the file storage device.
Abstract:
A network bridge (14) has an associated malware scanner (16) that serves to concatenate portions of a data file from within data packets intercepted by the network bridge (14) and then scan the data file concerned before the data file is forwarded to its intended recipient by the network bridge (14). The network bridge (14) may be inserted in a network topology without requiring significant network configuration changes. The network bridge (14) may include a packet analysis unit (56) that serves to intercept only data packets having a predetermined network layer protocol or a predetermined application layer protocol.