Selection of remotely located servers for computer security operations

US 8,087,081 B1
Filed: 11/05/2008
Issued: 12/27/2011
Est. Priority Date: 11/05/2008
Status: Active Grant

First Claim

Patent Images

1. A method of selecting a remotely located security server computer for computer security operation, the method to be performed by a client computer and comprising:

determining an available bandwidth for network communication between the client computer and a first security server computer in a plurality of security server computers available to provide remote scanning service to the client computer, the first security server computer being selected to provide the remote scanning service to the client computer;

determining protection status of the client computer based on the available bandwidth for network communication between the client computer and the first security server computer, the protection status having one of at least four different possible levels, each of the levels being indicative of vulnerability of the client computer to malicious codes;

allowing selection of a second security server computer in the plurality of security server computers to replace the first security server computer when the protection status of the client computer is below a threshold level; and

using the second security server computer to scan a file of the client computer for malicious codes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A client computer may be configured to perform computer security operation services, such as malicious code scanning and protection against online threats, using one of several remotely located server computers. The client computer may be configured to determine an operational state of the server computers and determine a protection status of the client computer resulting from use of a server computer of a particular operational state. The protection status may have one of at least three levels and indicate vulnerability of the client computer. The client computer may determine the operational state of a server computer based on available bandwidth for network communication between the client computer and the server computer. The client computer may be configured to allow for automatic or manual selection of another server computer when the currently selected server computer results in the client computer having a protection status below a threshold level.

51 Citations

View as Search Results

20 Claims

1. A method of selecting a remotely located security server computer for computer security operation, the method to be performed by a client computer and comprising:
- determining an available bandwidth for network communication between the client computer and a first security server computer in a plurality of security server computers available to provide remote scanning service to the client computer, the first security server computer being selected to provide the remote scanning service to the client computer;
  
  determining protection status of the client computer based on the available bandwidth for network communication between the client computer and the first security server computer, the protection status having one of at least four different possible levels, each of the levels being indicative of vulnerability of the client computer to malicious codes;
  
  allowing selection of a second security server computer in the plurality of security server computers to replace the first security server computer when the protection status of the client computer is below a threshold level; and
  
  using the second security server computer to scan a file of the client computer for malicious codes.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein determining the available bandwidth for network communication between the client computer and the first security server computer comprises:
    - transmitting probing packets from the client computer to the first security server computer;
      
      receiving an acknowledgement packet from the security server computer that the security server computer received the probing packets; and
      
      determining the time between transmitting the probing packets to the security server computer and receiving the acknowledgement packet in the client computer.
  - 3. The method of claim 1 wherein allowing selection of the second security server computer comprises:
    - displaying a user interface on a display monitor of the client computer, the user interface including a listing of security server computers in the plurality of security server computers along with a protection status resulting from selection of the listed security server computers; and
      
      allowing a user of the client computer to manually select one of the listed security server computers.
  - 4. The method of claim 3 wherein the user interface includes a graphical icon indicating a current protection status of the client computer.
  - 5. The method of claim 3 wherein the user interface further includes a component that may be activated by a user of the client computer to view the listing of security server computers.
  - 6. The method of claim 3 wherein the user interface comprises a pop-up display.
  - 7. The method of claim 1 wherein allowing selection of the second security server computer comprises:
    - determining available bandwidth for network communication between each of the plurality of security server computers and the client computer; and
      
      automatically selecting the second security server computer, wherein available bandwidth for network communication between the second security server computer and the client computer is more than available bandwidth between a third security server computer and the client computer, the third security server computer being one of the plurality of security server computers.

8. A client computer comprising:
- a computer security module comprising computer-readable program code running in memory of the client computer, the computer security module being configured to perform a computer security operation in the client computer; and
  
  an active content distribution module comprising computer-readable program code running in the memory of the client computer, the active content distribution module being configured to select one of a plurality of security server computers available for use by the computer security module to perform the computer security operation based on available bandwidth for network communication between the client computer and the plurality of security server computers, the active content distribution module being configured to allow selection of one of the plurality of security server computers when a currently selected security server computer being used by the computer security module to perform the computer security operation results in the client computer having a protection status indicating the client computer is vulnerable to malicious codes or online threats, the protection status having one of at least four possible levels.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The client computer of claim 8 wherein the active content distribution module is configured to replace the currently selected security server computer with another security server computer having available bandwidth for network communication that results in the protection status meeting a minimum threshold level.
  - 10. The client computer of claim 8 wherein the active content distribution module is configured to display a user interface that displays a listing of the plurality of security server computers along with protection status resulting from selection of the plurality of security server computers.
  - 11. The client computer of claim 8 wherein the active content distribution module is configured to display a user interface with a graphical icon of the protection status.
  - 12. The client computer of claim 8 wherein the computer security operation comprises scanning of a file of the client computer for malicious codes.
  - 13. The client computer of claim 12 wherein the client computer is configured to provide the file to the currently selected security server computer where the file is scanned for malicious codes and to receive in the client computer a result of scanning the file for malicious codes.
  - 14. The client computer claim 8 wherein the computer security operation comprises detecting spam e-mail.
  - 15. The client computer of claim 8 wherein the computer security operation comprises detecting malicious websites.

16. A method of selecting a remotely located server for computer security operation, the method to be performed by a client computer and comprising:
- determining an operational state of each of a plurality of server computers configured to provide a computer security operation service to the client computer;
  
  determining a protection status of the client computer for each of the plurality of server computers; and
  
  allowing selection of a second server computer in the plurality of server computers when the protection status of the client computer is below a minimum level due to use of a first server computer currently being used by the client computer to provide the computer security operation service to the client computer.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16 wherein allowing selection of the second server computer comprises:
    - displaying a user interface on a display monitor of the client computer, the user interface including a listing of the plurality of security server computers along with resulting protection status; and
      
      allowing a user of the client computer to manually select one of the plurality of server computers.
  - 18. The method of claim 16 wherein allowing selection of the second server computer comprises:
    - automatically selecting the second server computer based on available bandwidth for network communication between the second server computer and the client computer, wherein the available bandwidth for network communication between the second server computer and the client computer is more than available bandwidth between a third server computer and the client computer, the third server computer being one of the plurality of server computers.
  - 19. The method of claim 16 wherein the computer security operation service is for malicious code scanning.
  - 20. The method of claim 16 wherein determining the operational state of each of the plurality of server computers comprises determining available bandwidth for network communication between each of the plurality of server computers and the client computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trend Micro Inc.
Original Assignee
Trend Micro Inc.
Inventors
Wang, Jay, Chun, Lou Ju, Chan, Chia-Wen, Lin, Sam, Lu, Chih-Kang, Yen, Sean
Primary Examiner(s)
Lim, Krisna

Application Number

US12/265,598
Time in Patent Office

1,147 Days
Field of Search

726 22- 26
US Class Current

726/22
CPC Class Codes

G06F 21/56   Computer malware detection ...

H04L 43/0817   by checking functioning

H04L 43/0888   Throughput

H04L 63/145   the attack involving the pr...

H04L 67/101   based on network conditions

Selection of remotely located servers for computer security operations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

51 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Selection of remotely located servers for computer security operations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links