RESISTING THE SPREAD OF UNWANTED CODE AND DATA

US 20150033345A1
Filed: 10/02/2014
Published: 01/29/2015
Est. Priority Date: 06/09/2005
Status: Active Grant

First Claim

Patent Images

1. A method for resisting spread of unwanted code and data without scanning incoming electronic files for unwanted code and data, the method comprising the steps, performed by a computer system, of:

(a) receiving, at the computer system, an incoming electronic file containing content data in a predetermined file type corresponding to a set of rules;

(b) determining a purported predetermined file type of the incoming electronic file;

(c) parsing the content data in accordance with a predetermined data format comprising a set of rules corresponding to the determined purported predetermined file type;

(d) determining nonconforming data in the content data that does not conform to the predetermined data format;

(e) determining that the nonconforming data is authorized; and

(f) regenerating the nonconforming data to create a substitute regenerated electronic file in the purported file type, said substitute regenerated electronic file containing the regenerated content data, if the nonconforming data is determined to be authorized.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method or system of receiving an electronic file containing content data in a predetermined data format, the method comprising the steps of: receiving the electronic file, determining the data format, parsing the content data, to determine whether it conforms to the predetermined data format, and if the content data does conform to the predetermined data format, regenerating the parsed data to create a regenerated electronic file in the data format.

12 Citations

31 Claims

1. A method for resisting spread of unwanted code and data without scanning incoming electronic files for unwanted code and data, the method comprising the steps, performed by a computer system, of:
- (a) receiving, at the computer system, an incoming electronic file containing content data in a predetermined file type corresponding to a set of rules;
  
  (b) determining a purported predetermined file type of the incoming electronic file;
  
  (c) parsing the content data in accordance with a predetermined data format comprising a set of rules corresponding to the determined purported predetermined file type;
  
  (d) determining nonconforming data in the content data that does not conform to the predetermined data format;
  
  (e) determining that the nonconforming data is authorized; and
  
  (f) regenerating the nonconforming data to create a substitute regenerated electronic file in the purported file type, said substitute regenerated electronic file containing the regenerated content data, if the nonconforming data is determined to be authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. A method according to claim 1 in which the data format corresponds to a subset of the predetermined set of rules for each file type.
  - 3. A method according to claim 1 comprising determining whether the content data conforms to prior known examples of acceptable data.
  - 4. A method according to claim 3 in which the data format only includes allowable control characters.
  - 5. A method according to claim 3 in which the data format contains a plurality of data items, each with an associated predetermined size limit.
  - 6. A method according to claim 5 wherein the predetermined size limit is the size of a line in an image file.
  - 7. A method according to claim 1 further comprising storing the incoming electronic file in a scrambled format in memory.
  - 8. A method according to claim 7, wherein each byte of data is stored in a bit reversed order.
  - 9. A method according to claim 7, wherein the data is stored such that each pair of data bytes received is placed in a reversed memory order.
  - 10. A method according to claim 1, further comprising forwarding the substitute regenerated electronic file only if the content data from within the electronic file conforms to the predetermined data format or is authorized.
  - 11. A method according to claim 10 further comprising forwarding the incoming electronic file if a portion, part or whole of the content data does not conform only when the intended recipient of the electronic file has pre-approved the sender of the electronic file.
  - 12. A method according to claim 1, further comprising replacing any content data that does not conform to the predetermined format with warning text.
  - 13. A method according to claim 1, wherein the incoming electronic file is an e-mail and the method further comprises forwarding the regenerated e-mail to the intended recipient if the content data conforms to the predetermined data format.
  - 14. A method according to claim 13, wherein the substitute regenerated e-mail is forwarded from an e-mail client to a hard disk drive.
  - 15. A method according to claim 13, wherein the substitute regenerated e-mail is forwarded from an Internet server provider server to an e-mail client server.
  - 16. A method according to claim 1, further comprising receiving the incoming electronic file from a removable memory device, and forwarding the substitute regenerated electronic file to a computing device.
  - 17. A non-transitory computer readable medium comprising a computer program adapted to perform the method of claim 1.
  - 18. A semiconductor device comprising a memory means including instructions for performing the method of claim 1.
  - 19. A semiconductor device according to claim 18, wherein the semiconductor device is a semi-permanent or permanent memory device.
  - 20. A network card comprising the semiconductor device of claim 18.
  - 21. A method according to claim 1, further comprising:
    - (g) determining conforming data in the content data that conform to the predetermined data format;
      
      (h) determining the conforming data to be free of viral and otherwise unwanted code and data and suitable for regeneration; and
      
      (i) adding the conforming data to the substitute regenerated electronic file.

22. A method for resisting spread of unwanted code and data without scanning incoming electronic files for unwanted code and data, the method comprising the steps, performed by a computer system, of:
- (a) receiving, at the computer system, an incoming electronic file containing content data in a predetermined file type corresponding to a set of rules;
  
  (b) determining a purported predetermined file type of the incoming electronic file;
  
  (c) parsing the content data in accordance with a predetermined data format comprising a set of rules corresponding to the determined purported predetermined file type;
  
  (d) determining conforming data in the content data that conforms to the predetermined data format; and
  
  (e) regenerating the conforming data to create a substitute regenerated electronic file in the purported file type, said substitute regenerated electronic file containing the regenerated content data.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 23. A method according to claim 22, wherein:
    - determining conforming data in the content data that conforms to the predetermined data format includes determining both the conforming data and nonconforming data in the content data, wherein the nonconforming data does not conform to the predetermined data format; and
      
      regenerating the conforming data to create a substitute regenerated electronic file in the purported file type, includes regenerating only the conforming data to create the substitute regenerated electronic file in the purported file type, wherein the substitute regenerated electronic file excludes the nonconforming data and a regenerated nonconforming data.
  - 24. A method according to claim 22, wherein the incoming electronic file is an e-mail and the method further comprises forwarding the regenerated e-mail to the intended recipient if the content data conforms to the predetermined data format.
  - 25. A method according to claim 24, wherein the substitute regenerated e-mail is forwarded from an e-mail client to a hard disk drive.
  - 26. A method according to claim 24, wherein the substitute regenerated e-mail is forwarded from an Internet server provider server to an e-mail client server.
  - 27. A method according to claim 22, further comprising receiving the incoming electronic file from a removable memory device, and forwarding the substitute regenerated electronic file to a computing device.
  - 28. A non-transitory computer readable medium comprising a computer program adapted to perform the method of claim 22.
  - 29. A semiconductor device comprising a memory means including instructions for performing the method of claim 22.
  - 30. A semiconductor device according to claim 29, wherein the semiconductor device is a semi-permanent or permanent memory device.
  - 31. A network card comprising the semiconductor device of claim 29.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Glasswall (Ip) Limited
Original Assignee
Glasswall (Ip) Limited
Inventors
Scales, Nicholas John

Granted Patent

US 9,516,045 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/568   eliminating virus, restorin...

G06F 2221/034   Test or assess a computer o...

H04L 51/04   Real-time or near real-time...

H04L 51/063   Content adaptation, e.g. re...

H04L 51/212   using filtering or selectiv...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

H04L 63/145   the attack involving the pr...

H04L 63/20   for managing network securi...

RESISTING THE SPREAD OF UNWANTED CODE AND DATA

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

RESISTING THE SPREAD OF UNWANTED CODE AND DATA

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links