Methods and apparatus providing automatic signature generation and enforcement
First Claim
Patent Images
1. A method of providing computer security on a computer system, the method comprising:
- receiving execution information associated with at least one computer system, the execution information identifying details associated with a traffic flow on the at least one computer system, the traffic flow comprising a plurality of data payloads on the at least one computer system;
identifying a set of one or more sub-strings from the plurality of data payloads on the at least one computer system;
generating a signature based on the set of one or more sub-strings from the plurality of data payloads on the at least one computer system, the signature utilized to prevent further damage caused to the at least one computer system by at least one attack.
0 Assignments
0 Petitions
Accused Products
Abstract
A system inserts at least one notifying identifier in the computer system. The at least one notifying identifier provides execution information associated with the computer system. The system receives execution information from the at least one notifying identifier, the execution information identifies details associated with a traffic flow on the computer system. The system then generates a signature based on a deterministic link provided by the execution information provided by the at least one notifying identifier. The signature is utilized to prevent further damage caused to the computer system by at least one attack.
6 Citations
18 Claims
-
1. A method of providing computer security on a computer system, the method comprising:
-
receiving execution information associated with at least one computer system, the execution information identifying details associated with a traffic flow on the at least one computer system, the traffic flow comprising a plurality of data payloads on the at least one computer system; identifying a set of one or more sub-strings from the plurality of data payloads on the at least one computer system; generating a signature based on the set of one or more sub-strings from the plurality of data payloads on the at least one computer system, the signature utilized to prevent further damage caused to the at least one computer system by at least one attack. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computerized device comprising:
-
a memory; a hardware processor; a communications interface; an interconnection mechanism coupling the memory, the hardware processor and the communications interface; wherein the memory is encoded with a signature generating application that when executed on the hardware processor is capable of providing computer security on the computerized device by performing the operations of; receiving execution information associated with at least one computer system, the execution information identifying details associated with a traffic flow on the at least one computer system, the traffic flow comprising a plurality of data payloads on the at least one computer system; identifying a set of one or more sub-strings from the plurality of data payloads on the at least one computer system; generating a signature based on the set of one or more sub-strings from the plurality of data payloads on the at least one computer system, the signature utilized to prevent further damage caused to the at least one computer system by at least one attack. - View Dependent Claims (9, 10, 11)
-
-
12. A non-transitory computer readable medium encoded with computer programming logic that when executed on a process in a computerized device provides computer security, the medium comprising:
-
instructions for execution information associated with at least one computer system, the execution information identifying details associated with a traffic flow on the at least one computer system, the traffic flow comprising a plurality of data payloads on the at least one computer system; instructions for identifying a set of one or more sub-strings from the plurality of data payloads on the at least one computer system; and instructions for generating a signature based on the set of one or more sub-strings from the plurality of data payloads on the at least one computer system, the signature utilized to prevent further damage caused to the at least one computer system by at least one attack. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
Specification