×

Restricting a processing system being compromised with a threat

  • US 8,887,278 B2
  • Filed: 09/13/2007
  • Issued: 11/11/2014
  • Est. Priority Date: 09/15/2006
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of restricting a client processing system being compromised by a threat, wherein the method comprises:

  • receiving, by a processor of a computing device, response data from a remote processing system, according to a request from the client processing system to download data from the remote processing system;

    determining whether the response data comprises an executable file;

    upon determining that the response data does not comprise an executable file, analyzing the response data to determine whether the response data is indicative of a threat to the client processing system;

    generating a wrapper of the analyzed response data, wherein the wrapper is indicative of scan data;

    upon determining that the response data does comprise an executable file, using, in one or more emulated operating systems of the computing device, the response data;

    monitoring, by the processor, behavior of the use of the data in the one or more emulated operating systems;

    analyzing the monitored behavior of the use of the data in the one or more emulated operating systems to determine whether malicious behavior indicative of a threat is detected; and

    in response to detecting a threat of the response data, restricting, by the processor, the client processing system being compromised with the threat of the response data, wherein restricting the client processing system comprises;

    removing a portion of the response data which is associated with malicious activity; and

    replacing the portion removed from the response data with a non-malicious portion.

View all claims
  • 6 Assignments
Timeline View
Assignment View
    ×
    ×