Rule set-based system and method for advanced virus protection
Abstract
A system, method and computer program product are provided for preventing malware infection. In use, mass-mailing-type malware is prevented from sending electronic messages via a network. Malware is also prevented from communicating. Still yet, unrecognized attachments are prevented from opening, and executable files are prevented from being infected via the network.
42 Claims
1. A method, comprising:
preventing mass-mailing-type malware from sending electronic messages via a network;
preventing malware from communicating;
preventing opening of unrecognized attachments; and
preventing executable files from being infected via the network;
wherein a graphical user interface is utilized, the graphical user interface associated with;
a first field adapted for receiving an identifier of a rule;
a second field adapted for receiving a selection of a process to which the rule is to be applied;
a third field adapted for receiving a selection of at least one file or directory to which the rule is to be applied;
a fourth field adapted for receiving a selection of at least one action that triggers the rule to be applied to the selected process and at least one file or directory; and
a fifth field adapted for receiving a selection of an operation to be carried out in response to the action.
Dependent claims: 2-34.
35. A computer program product embodied on a computer readable medium, comprising:
computer code for preventing mass-mailing-type malware from sending electronic messages via a network;
computer code for preventing malware from communicating;
computer code for preventing opening of unrecognized attachments; and
computer code for preventing executable files from being infected via the network;
wherein the computer program product is operable such that a graphical user interface is utilized, the graphical user interface associated with;
a first field adapted for receiving an identifier of a rule;
a second field adapted for receiving a selection of a process to which the rule is to be applied;
a third field adapted for receiving a selection of at least one file or directory to which the rule is to be applied;
a fourth field adapted for receiving a selection of at least one action that triggers the rule to be applied to the selected process and at least one file or directory; and
a fifth field adapted for receiving a selection of an operation to be carried out in response to the action.
36. A graphical user interface system embodied on a computer readable medium for defining a rule to prevent malware infection, comprising:
a first field associated with a graphical user interface, the first field adapted for receiving an identifier of a rule;
a second field associated with the graphical user interface, the second field adapted for receiving a selection of a process to which the rule is to be applied;
a third field associated with the graphical user interface, the third field adapted for receiving a selection of at least one file or directory to which the rule is to be applied;
a fourth field associated with the graphical user interface, the fourth field adapted for receiving a selection of at least one action that triggers the rule to be applied to the selected process and at least one file or directory; and
a fifth field associated with the graphical user interface, the fifth field adapted for receiving a selection of an operation to be carried out in response to the action.
Dependent claims: 37-41.
42. A method for preventing malware infection, comprising:
preventing mass-mailing-type malware from sending electronic messages via a network by utilizing a white list for conditionally preventing the sending of the electronic messages based on at least one of a recipient address and an application identifier;
preventing malware from communicating by;
  preventing a first component of malware from communicating with a second component of malware,
  preventing communications over predetermined communication channels including at least one of a file transfer protocol, a hypertext transfer protocol, and an internet relay chat protocol, and
  utilizing a white list for conditionally preventing communication based on an application identifier;
preventing opening of unrecognized attachments when the attachments reside in a temporary directory;
preventing executable files from being infected via the network by determining whether a request to open the executable files is a local request or a remote request and conditionally allowing the opening of the executable files based on whether the request is determined to be the local request or the remote request;
wherein the mass-mailing-type malware is capable of sending a multiplicity of electronic messages to a multiplicity of recipients;
wherein the prevention of the opening of the unrecognized attachments is limited to situations where the unrecognized attachments are received via at least one of an electronic message and a web page.
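The five rule fields recited in claims 1, 35 and 36 (identifier, process, file or directory, triggering action, operation) can be read as a record that is matched against each file access. The sketch below is an added illustration, not code from the patent or its assignee; the rule names, paths, process names, glob matching, first-match ordering and default-allow fallback are all assumptions made for the example.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
import posixpath

@dataclass(frozen=True)
class Rule:
    identifier: str        # field 1: identifier of the rule
    process: str           # field 2: process the rule applies to (glob)
    targets: tuple         # field 3: files or directories (globs)
    actions: frozenset     # field 4: actions that trigger the rule
    operation: str         # field 5: operation carried out in response

def _norm(path):
    # Collapse ".." and mixed separators so traversal cannot dodge a directory rule.
    return posixpath.normpath(path.replace("\\", "/")).lower()

def evaluate(rules, process, path, action):
    """Return (operation, rule identifier) of the first matching rule."""
    p = _norm(path)
    for r in rules:
        if (action in r.actions
                and fnmatchcase(process.lower(), r.process.lower())
                and any(fnmatchcase(p, _norm(t)) for t in r.targets)):
            return r.operation, r.identifier
    return "allow", None   # assumption: default-allow when no rule matches

# Constructed rule set; names, paths and the first-match policy are assumptions.
RULES = [
    Rule("allow-installer", "msiexec.exe", ("*.exe", "*.dll"),
         frozenset({"write", "create"}), "allow"),
    Rule("protect-executables", "*", ("*.exe", "*.dll"),
         frozenset({"write", "create"}), "block"),
    Rule("no-temp-attachments", "outlook.exe",
         ("c:/users/*/appdata/local/temp/*",),
         frozenset({"execute"}), "block"),
]

if __name__ == "__main__":
    events = [  # constructed access events: (process, path, action)
        ("OUTLOOK.EXE", r"C:\Users\amy\AppData\Local\Temp\invoice.scr", "execute"),
        ("outlook.exe", r"C:\Users\amy\Documents\..\AppData\Local\Temp\x.scr", "execute"),
        ("winword.exe", r"C:\Program Files\App\app.exe", "write"),
        ("msiexec.exe", r"C:\Program Files\App\app.exe", "write"),
        ("notepad.exe", r"C:\notes.txt", "read"),
    ]
    for ev in events:
        print(ev, "->", evaluate(RULES, *ev))
```

Rule order matters under the first-match assumption: the installer exception has to sit above the catch-all executable-protection rule, and paths are normalized before matching so a `..` segment does not slip past the temporary-directory rule.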
Specification