Method and system for adaptive rule-based content scanners for desktop computers
First Claim
1. A security system for scanning content within a computer, comprising:
- a network interface, housed within a computer, for receiving content from the Internet on its destination to an Internet application running on the computer;
a database of rules corresponding to computer exploits, stored within the computer;
a rule-based content scanner that communicates with said database of rules, for scanning content to recognize the presence of potential exploits therewithin;
a network traffic probe, operatively coupled to said network interface and to said rule-based content scanner, for selectively diverting content from its intended destination to said rule-based content scanner; and
a rule update manager that communicates with said database of rules, for updating said database of rules periodically to incorporate new rules that are made available.
5 Assignments
0 Petitions
Accused Products
Abstract
A security system for scanning content within a computer, including a network interface, housed within a computer, for receiving content from the Internet on its destination to an Internet application running on the computer, a database of rules corresponding to computer exploits, stored within the computer, a rule-based content scanner that communicates with said database of rules, for scanning content to recognize the presence of potential exploits therewithin, a network traffic probe, operatively coupled to the network interface and to the rule-based content scanner, for selectively diverting content from its intended destination to the rule-based content scanner, and a rule update manager that communicates with said database of rules, for updating said database of rules periodically to incorporate new rules that are made available. A method and a computer readable storage medium are also described and claimed.
272 Citations
25 Claims
-
1. A security system for scanning content within a computer, comprising:
-
a network interface, housed within a computer, for receiving content from the Internet on its destination to an Internet application running on the computer;
a database of rules corresponding to computer exploits, stored within the computer;
a rule-based content scanner that communicates with said database of rules, for scanning content to recognize the presence of potential exploits therewithin;
a network traffic probe, operatively coupled to said network interface and to said rule-based content scanner, for selectively diverting content from its intended destination to said rule-based content scanner; and
a rule update manager that communicates with said database of rules, for updating said database of rules periodically to incorporate new rules that are made available. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for scanning content within a computer, comprising:
-
receiving content from the Internet on its destination to an Internet application;
selectively diverting the received content from its intended destination;
scanning the selectively diverted content to recognize potential exploits therewithin, based on a database of rules corresponding to computer exploits; and
updating the database of rules periodically to incorporate new rules that are made available. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A computer-readable storage medium storing program code for causing a computer to perform the steps of:
-
receiving content from the Internet on its destination to an Internet application;
selectively diverting the received content from its intended destination;
scanning the selectively diverted content to recognize potential exploits therewithin, based on a database of rules corresponding to computer exploits; and
updating the database of rules periodically to incorporate new rules that are made available.
-
Specification