WO2004066112A3 - Behavior-based host-based intrusion prevention system - Google Patents

Behavior-based host-based intrusion prevention system Download PDF

Info

Publication number
WO2004066112A3
WO2004066112A3 PCT/US2004/000736 US2004000736W WO2004066112A3 WO 2004066112 A3 WO2004066112 A3 WO 2004066112A3 US 2004000736 W US2004000736 W US 2004000736W WO 2004066112 A3 WO2004066112 A3 WO 2004066112A3
Authority
WO
WIPO (PCT)
Prior art keywords
behavior
prevention system
intrusion prevention
processes
host
Prior art date
Application number
PCT/US2004/000736
Other languages
French (fr)
Other versions
WO2004066112A2 (en
Inventor
Homayoon Tajalli
Jeffrey J Graham
Timothy J Fraser
Original Assignee
Platformlogic Inc
Homayoon Tajalli
Jeffrey J Graham
Timothy J Fraser
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Platformlogic Inc, Homayoon Tajalli, Jeffrey J Graham, Timothy J Fraser filed Critical Platformlogic Inc
Publication of WO2004066112A2 publication Critical patent/WO2004066112A2/en
Publication of WO2004066112A3 publication Critical patent/WO2004066112A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour

Abstract

A method of protecting a system from attack that includes monitoring processes running on a system, identifying behavior of the processes and attributes of the processes, grouping the processes into process sets based on commonality of attributes, and generating behavior control descriptions for each process set.
PCT/US2004/000736 2003-01-16 2004-01-14 Behavior-based host-based intrusion prevention system WO2004066112A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/345,137 US20040143749A1 (en) 2003-01-16 2003-01-16 Behavior-based host-based intrusion prevention system
US10/345,137 2003-01-16

Publications (2)

Publication Number Publication Date
WO2004066112A2 WO2004066112A2 (en) 2004-08-05
WO2004066112A3 true WO2004066112A3 (en) 2004-11-25

Family

ID=32711886

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/000736 WO2004066112A2 (en) 2003-01-16 2004-01-14 Behavior-based host-based intrusion prevention system

Country Status (2)

Country Link
US (2) US20040143749A1 (en)
WO (1) WO2004066112A2 (en)

Families Citing this family (205)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6658091B1 (en) 2002-02-01 2003-12-02 @Security Broadband Corp. LIfestyle multimedia security system
US7926113B1 (en) 2003-06-09 2011-04-12 Tenable Network Security, Inc. System and method for managing network vulnerability analysis systems
US7523501B2 (en) * 2003-07-21 2009-04-21 Trend Micro, Inc. Adaptive computer worm filter and methods of use thereof
US8539063B1 (en) 2003-08-29 2013-09-17 Mcafee, Inc. Method and system for containment of networked application client software by explicit human input
US20050108384A1 (en) * 2003-10-23 2005-05-19 Lambert John R. Analysis of message sequences
US7639714B2 (en) 2003-11-12 2009-12-29 The Trustees Of Columbia University In The City Of New York Apparatus method and medium for detecting payload anomaly using n-gram distribution of normal data
US7840968B1 (en) 2003-12-17 2010-11-23 Mcafee, Inc. Method and system for containment of usage of language interfaces
US7797752B1 (en) * 2003-12-17 2010-09-14 Vimal Vaidya Method and apparatus to secure a computing environment
FR2864411B1 (en) * 2003-12-23 2006-03-03 Cit Alcatel TERMINAL WITH MEANS OF PROTECTION AGAINST THE DYSFUNCTION OF CERTAIN JAVA APPLICATIONS
US7895448B1 (en) * 2004-02-18 2011-02-22 Symantec Corporation Risk profiling
US11244545B2 (en) 2004-03-16 2022-02-08 Icontrol Networks, Inc. Cross-client sensor user interface in an integrated security network
US10444964B2 (en) 2007-06-12 2019-10-15 Icontrol Networks, Inc. Control system user interface
US11582065B2 (en) 2007-06-12 2023-02-14 Icontrol Networks, Inc. Systems and methods for device communication
US10522026B2 (en) 2008-08-11 2019-12-31 Icontrol Networks, Inc. Automation system user interface with three-dimensional display
US7620983B1 (en) * 2004-03-16 2009-11-17 Symantec Corporation Behavior profiling
US10237237B2 (en) 2007-06-12 2019-03-19 Icontrol Networks, Inc. Communication protocols in integrated systems
US20170118037A1 (en) 2008-08-11 2017-04-27 Icontrol Networks, Inc. Integrated cloud system for premises automation
US11201755B2 (en) 2004-03-16 2021-12-14 Icontrol Networks, Inc. Premises system management using status signal
US11916870B2 (en) 2004-03-16 2024-02-27 Icontrol Networks, Inc. Gateway registry methods and systems
US11343380B2 (en) 2004-03-16 2022-05-24 Icontrol Networks, Inc. Premises system automation
US10339791B2 (en) 2007-06-12 2019-07-02 Icontrol Networks, Inc. Security network integrated with premise security system
US10127802B2 (en) 2010-09-28 2018-11-13 Icontrol Networks, Inc. Integrated security system with parallel processing architecture
US8963713B2 (en) 2005-03-16 2015-02-24 Icontrol Networks, Inc. Integrated security network with security alarm signaling system
US10313303B2 (en) 2007-06-12 2019-06-04 Icontrol Networks, Inc. Forming a security network including integrated security system components and network devices
US10200504B2 (en) 2007-06-12 2019-02-05 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US11113950B2 (en) 2005-03-16 2021-09-07 Icontrol Networks, Inc. Gateway integrated with premises security system
US9531593B2 (en) 2007-06-12 2016-12-27 Icontrol Networks, Inc. Takeover processes in security network integrated with premise security system
US10382452B1 (en) 2007-06-12 2019-08-13 Icontrol Networks, Inc. Communication protocols in integrated systems
US11277465B2 (en) 2004-03-16 2022-03-15 Icontrol Networks, Inc. Generating risk profile using data of home monitoring and security system
US10721087B2 (en) 2005-03-16 2020-07-21 Icontrol Networks, Inc. Method for networked touchscreen with integrated interfaces
US10156959B2 (en) 2005-03-16 2018-12-18 Icontrol Networks, Inc. Cross-client sensor user interface in an integrated security network
US9729342B2 (en) 2010-12-20 2017-08-08 Icontrol Networks, Inc. Defining and implementing sensor triggered response rules
US11368429B2 (en) 2004-03-16 2022-06-21 Icontrol Networks, Inc. Premises management configuration and control
US8635350B2 (en) 2006-06-12 2014-01-21 Icontrol Networks, Inc. IP device discovery systems and methods
JP2007529826A (en) 2004-03-16 2007-10-25 アイコントロール ネットワークス, インコーポレイテッド Object management network
US11811845B2 (en) 2004-03-16 2023-11-07 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US9609003B1 (en) 2007-06-12 2017-03-28 Icontrol Networks, Inc. Generating risk profile using data of home monitoring and security system
US8988221B2 (en) 2005-03-16 2015-03-24 Icontrol Networks, Inc. Integrated security system with parallel processing architecture
US11316958B2 (en) 2008-08-11 2022-04-26 Icontrol Networks, Inc. Virtual device systems and methods
US9141276B2 (en) 2005-03-16 2015-09-22 Icontrol Networks, Inc. Integrated interface for mobile device
US10348575B2 (en) 2013-06-27 2019-07-09 Icontrol Networks, Inc. Control system user interface
US11489812B2 (en) 2004-03-16 2022-11-01 Icontrol Networks, Inc. Forming a security network including integrated security system components and network devices
US9191228B2 (en) 2005-03-16 2015-11-17 Icontrol Networks, Inc. Cross-client sensor user interface in an integrated security network
US10142392B2 (en) 2007-01-24 2018-11-27 Icontrol Networks, Inc. Methods and systems for improved system performance
US20090077623A1 (en) 2005-03-16 2009-03-19 Marc Baum Security Network Integrating Security System and Network Devices
US11159484B2 (en) 2004-03-16 2021-10-26 Icontrol Networks, Inc. Forming a security network including integrated security system components and network devices
US7711796B2 (en) 2006-06-12 2010-05-04 Icontrol Networks, Inc. Gateway registry methods and systems
US11677577B2 (en) 2004-03-16 2023-06-13 Icontrol Networks, Inc. Premises system management using status signal
US10375253B2 (en) 2008-08-25 2019-08-06 Icontrol Networks, Inc. Security system with networked touchscreen and gateway
US7783735B1 (en) * 2004-03-22 2010-08-24 Mcafee, Inc. Containment of network communication
US7761918B2 (en) * 2004-04-13 2010-07-20 Tenable Network Security, Inc. System and method for scanning a network
WO2006008501A1 (en) * 2004-07-20 2006-01-26 Prevx Ltd. Host intrusion prevention system and method
US8171555B2 (en) 2004-07-23 2012-05-01 Fortinet, Inc. Determining technology-appropriate remediation for vulnerability
US7665119B2 (en) 2004-09-03 2010-02-16 Secure Elements, Inc. Policy-based selection of remediation
US7761920B2 (en) * 2004-09-03 2010-07-20 Fortinet, Inc. Data structure for policy-based remediation selection
US20060018478A1 (en) * 2004-07-23 2006-01-26 Diefenderfer Kristopher G Secure communication protocol
US7774848B2 (en) * 2004-07-23 2010-08-10 Fortinet, Inc. Mapping remediation to plurality of vulnerabilities
US20060026679A1 (en) * 2004-07-29 2006-02-02 Zakas Phillip H System and method of characterizing and managing electronic traffic
SG119237A1 (en) * 2004-07-30 2006-02-28 E Cop Net Pte Ltd An intrusion protection system and method
US7672948B2 (en) * 2004-09-03 2010-03-02 Fortinet, Inc. Centralized data transformation
US7703137B2 (en) * 2004-09-03 2010-04-20 Fortinet, Inc. Centralized data transformation
US7873955B1 (en) 2004-09-07 2011-01-18 Mcafee, Inc. Solidifying the executable software set of a computer
US7832005B1 (en) * 2004-11-29 2010-11-09 Symantec Corporation Behavioral learning based security
US7958161B2 (en) * 2004-11-30 2011-06-07 Siebel Systems, Inc. Methods and apparatuses for providing hosted tailored vertical applications
US20070226031A1 (en) * 2004-11-30 2007-09-27 Manson Nicholas R Methods and apparatuses for grouped option specification
US8751328B2 (en) * 2004-11-30 2014-06-10 Siebel Systems, Inc. Methods and apparatuses for providing provisioned access control for hosted tailored vertical applications
US7841011B2 (en) * 2004-11-30 2010-11-23 Siebel Systems, Inc. Methods and apparatuses for tiered option specification
US7356545B2 (en) * 2004-12-22 2008-04-08 Oracle International Corporation Enabling relational databases to incorporate customized intrusion prevention policies
US7917955B1 (en) * 2005-01-14 2011-03-29 Mcafee, Inc. System, method and computer program product for context-driven behavioral heuristics
US7657939B2 (en) * 2005-03-14 2010-02-02 International Business Machines Corporation Computer security intrusion detection system for remote, on-demand users
US11700142B2 (en) 2005-03-16 2023-07-11 Icontrol Networks, Inc. Security network integrating security system and network devices
US9450776B2 (en) 2005-03-16 2016-09-20 Icontrol Networks, Inc. Forming a security network including integrated security system components
US20170180198A1 (en) 2008-08-11 2017-06-22 Marc Baum Forming a security network including integrated security system components
US11615697B2 (en) 2005-03-16 2023-03-28 Icontrol Networks, Inc. Premise management systems and methods
US20110128378A1 (en) 2005-03-16 2011-06-02 Reza Raji Modular Electronic Display Platform
US9306809B2 (en) 2007-06-12 2016-04-05 Icontrol Networks, Inc. Security system with networked touchscreen
US10999254B2 (en) 2005-03-16 2021-05-04 Icontrol Networks, Inc. System for data routing in networks
US11496568B2 (en) 2005-03-16 2022-11-08 Icontrol Networks, Inc. Security system with networked touchscreen
US20120324566A1 (en) 2005-03-16 2012-12-20 Marc Baum Takeover Processes In Security Network Integrated With Premise Security System
US8359645B2 (en) * 2005-03-25 2013-01-22 Microsoft Corporation Dynamic protection of unpatched machines
US8516583B2 (en) 2005-03-31 2013-08-20 Microsoft Corporation Aggregating the knowledge base of computer systems to proactively protect a computer from malware
WO2006107712A2 (en) * 2005-04-04 2006-10-12 Bae Systems Information And Electronic Systems Integration Inc. Method and apparatus for defending against zero-day worm-based attacks
US7603552B1 (en) * 2005-05-04 2009-10-13 Mcafee, Inc. Piracy prevention using unique module translation
US20060259967A1 (en) * 2005-05-13 2006-11-16 Microsoft Corporation Proactively protecting computers in a networking environment from malware
US7856661B1 (en) 2005-07-14 2010-12-21 Mcafee, Inc. Classification of software on networked systems
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US8079080B2 (en) * 2005-10-21 2011-12-13 Mathew R. Syrowik Method, system and computer program product for detecting security threats in a computer network
WO2007053708A2 (en) * 2005-10-31 2007-05-10 The Trustees Of Columbia University In The City Of New York Methods, media, and systems for securing communications between a first node and a second node
GB2432687B (en) * 2005-11-25 2011-06-01 Mcafee Inc Product for preventing spyware/malware from installing in a registry
US7757269B1 (en) * 2006-02-02 2010-07-13 Mcafee, Inc. Enforcing alignment of approved changes and deployed changes in the software change life-cycle
US7983900B2 (en) * 2006-02-08 2011-07-19 Oracle International Corporation Method, computer program and apparatus for analysing symbols in a computer system
EP1830253A3 (en) * 2006-02-08 2009-03-18 Secerno Limited Method, computer program and apparatus for analysing symbols in a computer system
KR100791290B1 (en) 2006-02-10 2008-01-04 삼성전자주식회사 Apparatus and method for using information of malicious application's behavior across devices
US7895573B1 (en) 2006-03-27 2011-02-22 Mcafee, Inc. Execution environment file inventory
US7870387B1 (en) * 2006-04-07 2011-01-11 Mcafee, Inc. Program-based authorization
US8352930B1 (en) 2006-04-24 2013-01-08 Mcafee, Inc. Software modification by group to minimize breakage
US8555404B1 (en) 2006-05-18 2013-10-08 Mcafee, Inc. Connectivity-based authorization
US10079839B1 (en) 2007-06-12 2018-09-18 Icontrol Networks, Inc. Activation of gateway device
US7950056B1 (en) * 2006-06-30 2011-05-24 Symantec Corporation Behavior based processing of a new version or variant of a previously characterized program
US20130276109A1 (en) * 2006-07-11 2013-10-17 Mcafee, Inc. System, method and computer program product for detecting activity in association with program resources that has at least a potential of an unwanted effect on the program
US7934253B2 (en) * 2006-07-20 2011-04-26 Trustwave Holdings, Inc. System and method of securing web applications across an enterprise
US20080047009A1 (en) * 2006-07-20 2008-02-21 Kevin Overcash System and method of securing networks against applications threats
US8286238B2 (en) * 2006-09-29 2012-10-09 Intel Corporation Method and apparatus for run-time in-memory patching of code from a service processor
US9424154B2 (en) 2007-01-10 2016-08-23 Mcafee, Inc. Method of and system for computer system state checks
US8332929B1 (en) 2007-01-10 2012-12-11 Mcafee, Inc. Method and apparatus for process enforced configuration management
US11706279B2 (en) 2007-01-24 2023-07-18 Icontrol Networks, Inc. Methods and systems for data communication
US7633385B2 (en) 2007-02-28 2009-12-15 Ucontrol, Inc. Method and system for communicating with and controlling an alarm system from a remote server
US8451986B2 (en) 2007-04-23 2013-05-28 Icontrol Networks, Inc. Method and system for automatically providing alternate network access for telecommunications
US10666523B2 (en) 2007-06-12 2020-05-26 Icontrol Networks, Inc. Communication protocols in integrated systems
US11601810B2 (en) 2007-06-12 2023-03-07 Icontrol Networks, Inc. Communication protocols in integrated systems
US10389736B2 (en) 2007-06-12 2019-08-20 Icontrol Networks, Inc. Communication protocols in integrated systems
US10523689B2 (en) 2007-06-12 2019-12-31 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US10051078B2 (en) 2007-06-12 2018-08-14 Icontrol Networks, Inc. WiFi-to-serial encapsulation in systems
US11237714B2 (en) 2007-06-12 2022-02-01 Control Networks, Inc. Control system user interface
US11212192B2 (en) 2007-06-12 2021-12-28 Icontrol Networks, Inc. Communication protocols in integrated systems
US10616075B2 (en) 2007-06-12 2020-04-07 Icontrol Networks, Inc. Communication protocols in integrated systems
US11423756B2 (en) 2007-06-12 2022-08-23 Icontrol Networks, Inc. Communication protocols in integrated systems
US11646907B2 (en) 2007-06-12 2023-05-09 Icontrol Networks, Inc. Communication protocols in integrated systems
US11089122B2 (en) 2007-06-12 2021-08-10 Icontrol Networks, Inc. Controlling data routing among networks
US10498830B2 (en) 2007-06-12 2019-12-03 Icontrol Networks, Inc. Wi-Fi-to-serial encapsulation in systems
US10423309B2 (en) 2007-06-12 2019-09-24 Icontrol Networks, Inc. Device integration framework
US11218878B2 (en) 2007-06-12 2022-01-04 Icontrol Networks, Inc. Communication protocols in integrated systems
US11316753B2 (en) 2007-06-12 2022-04-26 Icontrol Networks, Inc. Communication protocols in integrated systems
KR100874948B1 (en) * 2007-06-18 2008-12-19 한국전자통신연구원 Apparatus and method to detect and control processes which access lower privileged object
EP2023572B1 (en) * 2007-08-08 2017-12-06 Oracle International Corporation Method, computer program and apparatus for controlling access to a computer resource and obtaining a baseline therefor
US11831462B2 (en) 2007-08-24 2023-11-28 Icontrol Networks, Inc. Controlling data routing in premises management systems
CN101350052B (en) * 2007-10-15 2010-11-03 北京瑞星信息技术有限公司 Method and apparatus for discovering malignancy of computer program
US8195931B1 (en) 2007-10-31 2012-06-05 Mcafee, Inc. Application change control
US9338176B2 (en) * 2008-01-07 2016-05-10 Global Dataguard, Inc. Systems and methods of identity and access management
US11916928B2 (en) 2008-01-24 2024-02-27 Icontrol Networks, Inc. Communication protocols over internet protocol (IP) networks
US8515075B1 (en) 2008-01-31 2013-08-20 Mcafee, Inc. Method of and system for malicious software detection using critical address space protection
US8615502B2 (en) 2008-04-18 2013-12-24 Mcafee, Inc. Method of and system for reverse mapping vnode pointers
US20170185278A1 (en) 2008-08-11 2017-06-29 Icontrol Networks, Inc. Automation system user interface
TW201006175A (en) * 2008-07-31 2010-02-01 Ibm Method, apparatus, and computer program product for testing a network system
US11758026B2 (en) 2008-08-11 2023-09-12 Icontrol Networks, Inc. Virtual device systems and methods
US11729255B2 (en) 2008-08-11 2023-08-15 Icontrol Networks, Inc. Integrated cloud system with lightweight gateway for premises automation
US11258625B2 (en) 2008-08-11 2022-02-22 Icontrol Networks, Inc. Mobile premises automation platform
US11792036B2 (en) 2008-08-11 2023-10-17 Icontrol Networks, Inc. Mobile premises automation platform
US10530839B2 (en) 2008-08-11 2020-01-07 Icontrol Networks, Inc. Integrated cloud system with lightweight gateway for premises automation
US9047753B2 (en) * 2008-08-25 2015-06-02 Icontrol Networks, Inc. Networked touchscreen with integrated interfaces
US9628440B2 (en) 2008-11-12 2017-04-18 Icontrol Networks, Inc. Takeover processes in security network integrated with premise security system
US8544003B1 (en) 2008-12-11 2013-09-24 Mcafee, Inc. System and method for managing virtual machine configurations
US8825473B2 (en) 2009-01-20 2014-09-02 Oracle International Corporation Method, computer program and apparatus for analyzing symbols in a computer system
US20100235915A1 (en) * 2009-03-12 2010-09-16 Nasir Memon Using host symptoms, host roles, and/or host reputation for detection of host infection
US8638211B2 (en) 2009-04-30 2014-01-28 Icontrol Networks, Inc. Configurable controller and interface for home SMA, phone and multimedia
US8752180B2 (en) * 2009-05-26 2014-06-10 Symantec Corporation Behavioral engine for identifying patterns of confidential data use
US8341627B2 (en) * 2009-08-21 2012-12-25 Mcafee, Inc. Method and system for providing user space address protection from writable memory area in a virtual environment
US8381284B2 (en) 2009-08-21 2013-02-19 Mcafee, Inc. System and method for enforcing security policies in a virtual environment
US8666731B2 (en) * 2009-09-22 2014-03-04 Oracle International Corporation Method, a computer program and apparatus for processing a computer message
US9552497B2 (en) 2009-11-10 2017-01-24 Mcafee, Inc. System and method for preventing data loss using virtual machine wrapped applications
US8438270B2 (en) * 2010-01-26 2013-05-07 Tenable Network Security, Inc. System and method for correlating network identities and addresses
US8302198B2 (en) 2010-01-28 2012-10-30 Tenable Network Security, Inc. System and method for enabling remote registry service security audits
US8707440B2 (en) * 2010-03-22 2014-04-22 Tenable Network Security, Inc. System and method for passively identifying encrypted and interactive network sessions
US8549650B2 (en) 2010-05-06 2013-10-01 Tenable Network Security, Inc. System and method for three-dimensional visualization of vulnerability and asset data
AU2011250886A1 (en) 2010-05-10 2013-01-10 Icontrol Networks, Inc Control system user interface
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US8938800B2 (en) 2010-07-28 2015-01-20 Mcafee, Inc. System and method for network level protection against malicious software
US8549003B1 (en) 2010-09-12 2013-10-01 Mcafee, Inc. System and method for clustering host inventories
US8836467B1 (en) 2010-09-28 2014-09-16 Icontrol Networks, Inc. Method, system and apparatus for automated reporting of account and sensor zone information to a central station
US11750414B2 (en) 2010-12-16 2023-09-05 Icontrol Networks, Inc. Bidirectional security sensor communication for a premises security system
US9147337B2 (en) 2010-12-17 2015-09-29 Icontrol Networks, Inc. Method and system for logging security event data
US9075993B2 (en) 2011-01-24 2015-07-07 Mcafee, Inc. System and method for selectively grouping and managing program files
US9112830B2 (en) 2011-02-23 2015-08-18 Mcafee, Inc. System and method for interlocking a host and a gateway
US8972783B2 (en) 2011-06-28 2015-03-03 International Business Machines Corporation Systems and methods for fast detection and diagnosis of system outages
US9594881B2 (en) 2011-09-09 2017-03-14 Mcafee, Inc. System and method for passive threat detection using virtual memory inspection
US8694738B2 (en) 2011-10-11 2014-04-08 Mcafee, Inc. System and method for critical address space protection in a hypervisor environment
US9069586B2 (en) 2011-10-13 2015-06-30 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US8973144B2 (en) 2011-10-13 2015-03-03 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US8800024B2 (en) 2011-10-17 2014-08-05 Mcafee, Inc. System and method for host-initiated firewall discovery in a network environment
US8713668B2 (en) 2011-10-17 2014-04-29 Mcafee, Inc. System and method for redirected firewall discovery in a network environment
US20130185795A1 (en) * 2012-01-12 2013-07-18 Arxceo Corporation Methods and systems for providing network protection by progressive degradation of service
CN102663274B (en) * 2012-02-07 2015-12-02 北京奇虎科技有限公司 A kind of method and system detecting the behavior of long-range invasion computing machine
US9367707B2 (en) 2012-02-23 2016-06-14 Tenable Network Security, Inc. System and method for using file hashes to track data leakage and document propagation in a network
US9378390B2 (en) 2012-03-30 2016-06-28 Nokia Technologies Oy Method and apparatus for policy adaption based on application policy compliance analysis
US8739272B1 (en) 2012-04-02 2014-05-27 Mcafee, Inc. System and method for interlocking a host and a gateway
US9043920B2 (en) 2012-06-27 2015-05-26 Tenable Network Security, Inc. System and method for identifying exploitable weak points in a network
US9088606B2 (en) 2012-07-05 2015-07-21 Tenable Network Security, Inc. System and method for strategic anti-malware monitoring
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
US8973146B2 (en) 2012-12-27 2015-03-03 Mcafee, Inc. Herd based scan avoidance system in a network environment
US9659085B2 (en) * 2012-12-28 2017-05-23 Microsoft Technology Licensing, Llc Detecting anomalies in behavioral network with contextual side information
US9928975B1 (en) 2013-03-14 2018-03-27 Icontrol Networks, Inc. Three-way switch
US9467464B2 (en) 2013-03-15 2016-10-11 Tenable Network Security, Inc. System and method for correlating log data to discover network vulnerabilities and assets
US9287727B1 (en) 2013-03-15 2016-03-15 Icontrol Networks, Inc. Temporal voltage adaptive lithium battery charger
US9867143B1 (en) 2013-03-15 2018-01-09 Icontrol Networks, Inc. Adaptive Power Modulation
US20140325490A1 (en) * 2013-04-25 2014-10-30 Hewlett-Packard Development Company, L.P. Classifying Source Code Using an Expertise Model
EP3031206B1 (en) 2013-08-09 2020-01-22 ICN Acquisition, LLC System, method and apparatus for remote monitoring
US10171483B1 (en) 2013-08-23 2019-01-01 Symantec Corporation Utilizing endpoint asset awareness for network intrusion detection
EP3061030A4 (en) 2013-10-24 2017-04-19 McAfee, Inc. Agent assisted malicious application blocking in a network environment
WO2015088537A1 (en) * 2013-12-12 2015-06-18 Mcafee, Inc. User authentication for mobile devices using behavioral analysis
US11146637B2 (en) 2014-03-03 2021-10-12 Icontrol Networks, Inc. Media content management
US11405463B2 (en) 2014-03-03 2022-08-02 Icontrol Networks, Inc. Media content management
US9485262B1 (en) * 2014-03-28 2016-11-01 Juniper Networks, Inc. Detecting past intrusions and attacks based on historical network traffic information
US9967283B2 (en) * 2014-09-14 2018-05-08 Sophos Limited Normalized indications of compromise
US10122687B2 (en) 2014-09-14 2018-11-06 Sophos Limited Firewall techniques for colored objects on endpoints
US10027689B1 (en) * 2014-09-29 2018-07-17 Fireeye, Inc. Interactive infection visualization for improved exploit detection and signature generation for malware and malware families
US20160164917A1 (en) 2014-12-03 2016-06-09 Phantom Cyber Corporation Action recommendations for computing assets based on enrichment information
CN105100109B (en) * 2015-08-19 2019-05-24 华为技术有限公司 A kind of method and device of deployment secure access control policy
US10803172B2 (en) * 2017-05-02 2020-10-13 Crowdstrike, Inc. Malicious/benign computational behavior detection using canonic patterns of behavior
US11044200B1 (en) 2018-07-06 2021-06-22 F5 Networks, Inc. Methods for service stitching using a packet header and devices thereof
US11567847B2 (en) 2020-02-04 2023-01-31 International Business Machines Corporation Identifying anomolous device usage based on usage patterns
US20210336973A1 (en) * 2020-04-27 2021-10-28 Check Point Software Technologies Ltd. Method and system for detecting malicious or suspicious activity by baselining host behavior
US11233801B1 (en) 2021-05-26 2022-01-25 Netskope, Inc. Session protocol update or upgrade web traffic
US20230008868A1 (en) * 2021-07-08 2023-01-12 Nippon Telegraph And Telephone Corporation User authentication device, user authentication method, and user authentication computer program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5412717A (en) * 1992-05-15 1995-05-02 Fischer; Addison M. Computer system security method and apparatus having program authorization information data structures
US20020147923A1 (en) * 2001-01-19 2002-10-10 Eyal Dotan Method for protecting computer programs and data from hostile code
US6505300B2 (en) * 1998-06-12 2003-01-07 Microsoft Corporation Method and system for secure running of untrusted content

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE69225389T2 (en) * 1991-12-20 1998-09-10 Int Computers Ltd Program attribute control in a computer system
US5978484A (en) * 1996-04-25 1999-11-02 Microsoft Corporation System and method for safety distributing executable objects
US6158010A (en) * 1998-10-28 2000-12-05 Crosslogix, Inc. System and method for maintaining security in a distributed computer network
US7103914B2 (en) * 2002-06-17 2006-09-05 Bae Systems Information Technology Llc Trusted computer system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5412717A (en) * 1992-05-15 1995-05-02 Fischer; Addison M. Computer system security method and apparatus having program authorization information data structures
US6505300B2 (en) * 1998-06-12 2003-01-07 Microsoft Corporation Method and system for secure running of untrusted content
US20020147923A1 (en) * 2001-01-19 2002-10-10 Eyal Dotan Method for protecting computer programs and data from hostile code

Also Published As

Publication number Publication date
US20050108578A1 (en) 2005-05-19
WO2004066112A2 (en) 2004-08-05
US7657927B2 (en) 2010-02-02
US20040143749A1 (en) 2004-07-22

Similar Documents

Publication Publication Date Title
WO2004066112A3 (en) Behavior-based host-based intrusion prevention system
WO2002103960A3 (en) Stateful distributed event processing and adaptive security
WO2001092981A3 (en) System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
WO2005029216A3 (en) The method of safe certification service
WO2005008417A3 (en) Method and system for protecting against computer viruses
WO2003065155A3 (en) Architecture to thwart denial of service attacks
AU2003202876A1 (en) System and method for the managed security control of processes on a computer system
WO2004055634A3 (en) Systems and methods for detecting a security breach in a computer system
WO2005065147A3 (en) System and method for mapping instructions associated with haptic feedback
WO2004055632A3 (en) Method, system, and computer program product for security within a global computer network
WO2005048022A3 (en) Method and system for addressing intrusion attacks on a computer system
AU2003272797A1 (en) Acoustic sensing device, system and method for monitoring emissions from machinery
WO2004081762A3 (en) Method and apparatus for executing applications on a distributed computer system
WO2005025292A3 (en) System and method for risk based authentication
WO2005094490A3 (en) Method and apparatus for protecting a remediated computer network from entry of a vulnerable computer system thereinto
WO2003058991A3 (en) Customized processing of multimedia messages
GB2438133A (en) A multi-layer system for privacy enforcement and monitoring of suspicious data access behavior
AU2003228403A1 (en) System and method for automated monitoring, recognizing, supporting, and responding to the behavior of an actor
WO2001065340A3 (en) Information processing system and method
WO2004077308A8 (en) A security system and a method of operating
IL164609A0 (en) Detecting and countering malicious code in enterprise networks
WO2005036308A3 (en) Regulation compliance and threat identification for business optimization
WO2005114464A3 (en) System and method for providing remediation management
EP2068215A3 (en) Apparatus and methods for protecting safety instrumented process control systems from intrusions
WO2004109411A3 (en) Method for monitoring a field device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase