Match | Document | Document Title |
7624449 |
Countering polymorphic malicious computer code through code optimization
Methods, apparati, and computer-readable media for determining whether computer code (30) contains malicious code. In a method embodiment, the computer code (30) is optimized (40) to produce...
|
|
|
7624448 |
Intelligent intrusion detection system utilizing enhanced graph-matching of network activity with context data
A method, system, and computer program product for utilizing a mapping of activity occurring at and between devices on a computer network to detect and prevent network intrusions. An enhanced graph...
|
|
|
7624447 |
Using threshold lists for worm detection
A computer-implemented method is provided for screening communication traffic. A list of one or more threshold pairs including respective first and second threshold values, each of which first...
|
|
|
7624446 |
Efficient signature packing for an intrusion detection system
A flow assignment module identifies different network flows' characteristics and the characteristics of the signatures for the different network flows. Based on the identified characteristics, the...
|
|
|
7624445 |
System for dynamic network reconfiguration and quarantine in response to threat conditions
A method, apparatus, and computer instructions for responding to a threat condition within the network data processing system. A threat condition within the network data processing system is...
|
|
|
7624444 |
Method and apparatus for detecting intrusions on a computer system
A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A...
|
|
|
7624373 |
Security mechanism for interpreting scripts in an interpretive environment
The techniques and mechanisms described herein are directed to a scripting security mechanism that minimizes security risks associated with interpreting a script written with a scripting language....
|
|
|
7620992 |
System and method for detecting multi-component malware
Malicious behavior of a computer program is detected using an emulation engine, an event detector and an event analyzer. The emulation engine includes a system emulator configured to emulate, in an...
|
|
|
7620989 |
Network testing methods and systems
Network vulnerability testing methods, systems, devices, appliances and software products generate stateful and stateless network representative of network threats. The traffic is applied to a...
|
|
|
7620988 |
Protocol identification by heuristic content analysis
A system and method are disclosed for providing network traffic identification. In one embodiment, the method comprises receiving pattern matching data; comparing the pattern matching data with a...
|
|
|
7617534 |
Detection of SYSENTER/SYSCALL hijacking
Techniques are disclosed for detecting manipulations of user-kernel transition registers (such as the SYSENTER/SYSCALL critical registers of Intel/AMD processors, respectively), and other such...
|
|
|
7617533 |
Self-quarantining network
Mitigating network security threats through a self-quarantining network is disclosed. Traffic received from a local source via a physical port is monitored. If a threat is detected, traffic...
|
|
|
7617526 |
Blocking of spam e-mail at a firewall
A method of blocking spam at a firewall involves applying blocking measures for an adaptively determined duration. The blocking measure is then suspended while determining whether the spam has...
|
|
|
7614085 |
Method for the automatic setting and updating of a security policy
The invention relates to a method for creating and/or updating a security policy within a computerized system protected by at least one security package, comprising: (a) Providing at least one...
|
|
|
7614084 |
System and method for detecting multi-component malware
Malicious behavior of a computer program is detected using an emulation engine, an event detector and an event analyzer. The emulation engine includes a system emulator configured to emulate, in an...
|
|
|
7614083 |
Process control methods and apparatus for intrusion detection, protection and network hardening
The invention provides an improved network and methods of operation thereof for use in or with process control systems, computer-based manufacturing or production control systems, environmental...
|
|
|
7613179 |
Technique for tracing source addresses of packets
A technique for tracing source addresses of packets is provided. In one particular exemplary embodiment, the technique may be realized by/as a method for tracing source addresses of packets. The...
|
|
|
7610624 |
System and method for detecting and preventing attacks to a target computer system
A system and method are provided for monitoring data packets received at a target system. The data packets may be monitored at any layer of the communication protocol to characterize the type of...
|
|
|
7610623 |
Integrity ordainment and ascertainment of computer-executable instructions with consideration for execution context
An implementation of a technology, described herein, for facilitating the protection of computer-executable instructions, such as software. At least one implementation, described herein, may...
|
|
|
7610375 |
Intrusion detection in a data center environment
An intrusion detection system (IDS) is capable of identifying the source of traffic, filtering the traffic to classify it as either safe or suspect and then applying sophisticated detection...
|
|
|
7607174 |
Adaptive security for portable information devices
A portable information device includes a dynamically configurable security arrangement in which operational settings are automatically and dynamically configured for either thick client or thin...
|
|
|
7607173 |
Method and apparatus for preventing rootkit installation
Calls to driver load functions, including associated driver objects to be loaded, are stalled and evaluated for indications of a rootkit. When a rootkit is indicated, protective action is taken, and...
|
|
|
7607170 |
Stateful attack protection
A method for detecting an attack in a computer network includes monitoring communication traffic transmitted over connections on the network that are associated with a stateful application protocol...
|
|
|
7607169 |
User interface for network security console
A user interface for a network security console associated with multiple network security devices is disclosed. A graphical user interface (GUI) for use with an intrusion detection system,...
|
|
|
7607010 |
System and method for network edge data protection
Disclosed are systems and methods which examine information communication streams to identify and/or eliminate malicious code, while allowing the good code to pass unaffected. Embodiments operate...
|
|
|
7606225 |
Integrated security switch
An integrated security switch and related method for managing connectivity and security among networks. The integrated security switch includes a security function connectable with a first network...
|
|
|
7603716 |
Distributed network security service
A method and apparatus to distribute a network security service is disclosed. The security software may be distributed across nodes on a network and may use a separate security device that has two...
|
|
|
7603710 |
Method and system for detecting characteristics of a wireless network
Characteristics about one or more wireless access devices in a wireless network, whether known or unknown entities, can be determined using a system and method according to the present invention....
|
|
|
7603709 |
Method and apparatus for predicting and preventing attacks in communications networks
In one embodiment of a method and apparatus for predicting and preventing network attacks, data is collected from network devices during an attack. The collected data is analyzed to identify...
|
|
|
7603704 |
Secure execution of a computer program using a code cache
Hijacking of an application is prevented by monitoring control flow transfers during program execution in order to enforce a security policy. At least three basic techniques are used. The first...
|
|
|
7603614 |
Method and system for indicating an executable as trojan horse
A method and system for indicating an executable as Trojan Horse, based on the CRC values of the routines of an executable. The method comprising a preliminary stage in which the CRC values of the...
|
|
|
7603461 |
Methods, apparatus, and systems for distributed hypothesis testing in autonomic processing machines
Methods, apparatus, and systems are provided for distributed hypothesis testing in autonomic processing machines. Evidence about a network resource is gathered or contributed to and associated with...
|
|
|
7600259 |
Critical period protection
Systems and methods for protecting a computer during a period of increased vulnerability. In one implementation, a method for protecting a computer is provided. The method includes monitoring a...
|
|
|
7600257 |
Method and an apparatus to perform multiple packet payloads analysis
A method and an apparatus to perform multiple packet payload analysis have been disclosed. In one embodiment, the method includes receiving a plurality of data packets, each of the plurality of...
|
|
|
7600255 |
Preventing network denial of service attacks using an accumulated proof-of-work approach
Accumulated proof-of-work approaches for protecting network resources against denial-of-service attacks are disclosed. A client computer or other requester is required to perform work, such as...
|
|
|
7600252 |
System method and model for social security interoperability among intermittently connected interoperating devices
System, device, method, and computer program and computer program products for providing communicating between devices having similar or dissimilar characteristics and facilitating seamless...
|
|
|
7599289 |
Electronic communication control
An electronic communication control device suitable for embedding into a network interface card or a line card of a switch or router. The electronic communication control device is capable of...
|
|
|
7596808 |
Zero hop algorithm for network threat identification and mitigation
A method, system, apparatus, and computer-readable medium to enable a set of security device interfaces within a broadcast domain to identify and mitigate attacks. For each address of a device...
|
|
|
7596807 |
Method and system for reducing scope of self-propagating attack code in network
Technique for protecting a communications network, such as a computer network, from attack such as self-propagating code violations of security policies, in which the network is divided into...
|
|
|
7596227 |
System method and model for maintaining device integrity and security among intermittently connected interoperating devices
System, device, method, and computer program and computer program products for providing communicating between devices having similar or dissimilar characteristics and facilitating seamless...
|
|
|
7594273 |
Network security system having a device profiler communicatively coupled to a traffic monitor
A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives....
|
|
|
7594272 |
Detecting malicious software through file group behavior
A malicious software detection module (MSDM) detects worms and other malicious software. The MSDM executes on a computer system connected to a network. The MSDM monitors a storage device of the...
|
|
|
7594270 |
Threat scoring system and method for intrusion detection security networks
Embodiments of the invention provide a security expert system (SES) that automates intrusion detection analysis and threat discovery that can use fuzzy logic and forward-chaining inference engines...
|
|
|
7594269 |
Platform-based identification of host software circumvention
Hardware correlation of software performance statistics. Software may gather data relating to performance of a hardware resource. A hardware component of the system of the hardware resource may...
|
|
|
7594268 |
Preventing network discovery of a system services configuration
Techniques are provided for preventing network discovery of a system services configuration. Preventing network discovery of a host system services configuration includes receiving a request from a...
|
|
|
7594267 |
Stateful distributed event processing and adaptive security
The invention provides method and apparatus for maintaining a networked computer system including first and second nodes and an event processing server, the method comprising the first and second...
|
|
|
7594266 |
Data security and intrusion detection
Systems and methods are provided for the detection and prevention of intrusions in data at rest systems such as file systems and web servers. Item requests are examined to determine if the request...
|
|
|
7594263 |
Operating a communication network through use of blocking measures for responding to communication traffic anomalies
A communication network is operated by detecting an anomaly in the communication traffic at a plurality of nodes in a communication network. A first blocking measure A is independently applied at...
|
|
|
7594014 |
Abnormality detection system, abnormality management apparatus, abnormality management method, probe and program
An abnormality management apparatus, connected via a network to a plurality of probes disposed at arbitrary positions in the network, comprises an abnormality level reception unit that receives...
|
|
|
7591016 |
System and method for scanning memory for pestware offset signatures
Systems and methods for managing pestware processes on a protected computer are described. In one implementation, a reference point in the executable memory that is associated with a process...
|