Remote security servers for protecting customer computers against computer security threats
First Claim
1. A computer-implemented method of checking a file for computer viruses, the method comprising:
- detecting reception of a file in a client computer;
generating a query input for the file;
in the client computer, determining if the query input has corresponding security information in a remotely located security server before the query input is transmitted from the client computer to the remotely located security server over a computer network;
after determining that the query input has corresponding security information in the remotely located security server, transmitting the query input from the client computer to the remotely located security server over the computer network; and
receiving security information in the client computer over the computer network, the security information indicating whether or not the file is infected with a computer virus.
1 Assignment
0 Petitions
Accused Products
Abstract
A client computer may be configured to perform computer security operations in conjunction with a remotely located security server. Upon detection of a computer security event, such as reception of a file, the client computer may generate a query input and determine if the query input has corresponding security information in the security server. When the query input has corresponding security information, the client computer may forward the query input to the security server. In response, the security server may retrieve the security information using the query input and provide the security information to the client computer. As a particular example, the security event may be reception of a file in the client computer and the security information may indicate whether or not the file is infected with a computer virus.
27 Citations
19 Claims
-
1. A computer-implemented method of checking a file for computer viruses, the method comprising:
-
detecting reception of a file in a client computer; generating a query input for the file; in the client computer, determining if the query input has corresponding security information in a remotely located security server before the query input is transmitted from the client computer to the remotely located security server over a computer network; after determining that the query input has corresponding security information in the remotely located security server, transmitting the query input from the client computer to the remotely located security server over the computer network; and receiving security information in the client computer over the computer network, the security information indicating whether or not the file is infected with a computer virus. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A client computer having memory and a processor configured to execute computer-readable program code in the memory, the memory comprising:
-
a security manager comprising computer-readable program code for detecting malicious codes in the client computer; and a zero false negative filter comprising computer-readable program code for determining whether or not query inputs in a set of query inputs generated by the security manager in response to security events have corresponding security information in a remotely located security server, the zero false negative filter being configured to determine in the client computer whether or not any of the query inputs has corresponding security information in the remotely located security server before any of the query inputs is forwarded from the client computer to the security server over a computer network, to generate filtered query inputs comprising the set of query inputs minus query inputs with no corresponding security information in the remotely located security server, and to forward the filtered query inputs from the client computer to the remotely located security server over the computer network. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A system for protecting computers against computer security threats, the system comprising:
-
a client computer, the client computer being configured to generate a query input in response to a computer security event in the client computer, to determine if the query input has corresponding security information in a remotely located security server before the query input is forwarded to the security server, and to forward the query input to the security server over a computer network when the query input has the corresponding security information in the security server; and the security server configured to receive the query input, to use the query input to obtain the security information, and to provide the security information to the client computer, the security information indicating whether or not the security event poses a computer security threat. - View Dependent Claims (17, 18, 19)
-
Specification