摘要:
The current invention discloses method and system to detect remote control and prevent critical application from being peeped at and manipulated. Solution includes remote control detection, remote control blocking and user interaction.When remote access is detected, all suspicious behaviors found during network protocol filtering, session id based detection and remote control behaviour analysis are blocked.Innovative and efficient remote detection methods support user space and kernel space mode, intercept function modules for running applications and services to check and verify. Also new detective methods support network packets filter to judge accurate remote activities.
摘要:
There is provided a network appliance, methods and systems which intercept web and email traffic, extract executables, compare the executables with a policy and wrap the executables. Then, the wrapped executables are delivered to a client system in a manner to protect the network and end point devices, where the wrapped executables are run in a sandbox with all file system, registry accesses, communication and traffic isolated.
摘要:
A method and system of performing vulnerability and security scans on an internet connected device where the device is behind a network security device such as a firewall. The method is performed by having an agent that is local to the device to be scanned create a VPN connection with a scanning server and then performing the scanning over the VPN. The connection is terminated at the end to free up system resources.
摘要:
There is provided a method and system with an improved bitmap access control method of file virtualization for large files in sandbox. The process divides a large file to pieces clusters by fixed byte counts, building a mapping relationship between logical view of sandboxed file and physical shadow file on disk. Thus, there is no need to copy an entire file when a file is modified and waste the user's disk storage.
摘要:
The application discloses a method of protecting a computer against buffer overflow attacks by creating a security policy based on information about the buffer overflow. This results in a dynamic and “on-the-fly” security policy that can be applied to an application to protect the computer. The application also discloses a method where the buffer overflow is reported to central server. The central server monitors the publisher to determine when a patch becomes available to remedy the problem. The server notifies the security software when a patch is available so that either the security software or computer user can download and install the patch.
摘要:
A method of protecting a computer by having security software be set to clean mode where the clean mode acts as if files installed or modified before the clean date are safe and installed or modified after the clean date as potentially harmful.
摘要:
A method of protecting a computer by having security software be set to clean mode where the clean mode acts as if files installed or modified before the clean date are safe and installed or modified after the clean date as potentially harmful.