Method and system for protecting a computer and a network from hostile downloadables

DC CAFC

US 7,613,926 B2
Filed: 03/07/2006
Issued: 11/03/2009
Est. Priority Date: 11/06/1997
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A computer-based method, comprising the steps of:

receiving an incoming Downloadable;

performing a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;

retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable;

appending a representation of the retrieved Downloadable security profile data to the incoming Downloadable, to generate an appended Downloadable; and

transmitting the appended Downloadable to a destination computer.

View all claims

7 Assignments

Timeline View

Assignment View

Litigations

5 Petitions

Accused Products

Abstract

Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java™ applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides, within a server, firewall or other suitable “re-communicator,” for monitoring information received by the communicator, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information, more suitably by forming a protection agent including the MPC, protection policies and a detected-Downloadable. An MPC embodiment further provides, within a Downloadable-destination, for initiating the Downloadable, enabling malicious Downloadable operation attempts to be received by the MPC, and causing (predetermined) corresponding operations to be executed in response to the attempts, more suitably in conjunction with protection policies.

105 Citations

View as Search Results

30 Claims

1. A computer-based method, comprising the steps of:
- receiving an incoming Downloadable;
  
  performing a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;
  
  retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable;
  
  appending a representation of the retrieved Downloadable security profile data to the incoming Downloadable, to generate an appended Downloadable; and
  
  transmitting the appended Downloadable to a destination computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-based method of claim 1 wherein the Downloadable includes an applet.
  - 3. The computer-based method of claim 1 wherein the Downloadable includes an active control.
  - 4. The computer-based method of claim 1 wherein the Downloadable includes program script.
  - 5. The computer-based method of claim 1 wherein suspicious computer operations include calls made to an operating system, a file system, a network system, and to memory.
  - 6. The computer-based method of claim 1 wherein the Downloadable security profile data includes a URL from where the Downloadable originated.
  - 7. The computer-based method of claim 1 wherein the Downloadable security profile data includes a digital certificate.

8. A system for managing Downloadables, comprising:
- a receiver for receiving an incoming Downloadable;
  
  a Downloader identifier for performing a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;
  
  a database manager for retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable;
  
  a file appender coupled with said receiver for appending are presentation of the Downloadable security profile data to the incoming Downloadable, to generate an appended Downloadable; and
  
  a transmitter coupled with said file appender, for transmitting the appended Downloadable to a destination computer.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8 wherein the Downloadable includes an applet.
  - 10. The system of claim 8 wherein the Downloadable includes an active control.
  - 11. The system of claim 8 wherein the Downloadable includes program script.
  - 12. The system of claim 8 wherein suspicious computer operations include calls made to an operating system, a file system, a network system, and to memory.
  - 13. The system of claim 8 wherein the Downloadable security profile data includes a URL from where the Downloadable originated.
  - 14. The system of claim 8 wherein the Downloadable security profile data includes a digital certificate.

15. A computer-based method, comprising the steps of:
- receiving an incoming Downloadable;
  
  performing a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;
  
  retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; and
  
  transmitting the incoming Downloadable and a representation of the retrieved Downloadable security profile data to a destination computer, via a transport protocol transmission.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer-based method of claim 15 wherein the Downloadable includes an applet.
  - 17. The computer-based method of claim 15 wherein the Downloadable includes an active control.
  - 18. The computer-based method of claim 15 wherein the Downloadable includes program script.
  - 19. The computer-based method of claim 15 wherein suspicious computer operations include calls made to an operating system, a file system, a network system, and to memory.
  - 20. The computer-based method of claim 15 wherein the Downloadable security profile data includes a URL from where the Downloadable originated.
  - 21. The computer-based method of claim 15 wherein the Downloadable security profile data includes a digital certificate.

22. A system for managing Downloadables, comprising:
- a receiver for receiving an incoming Downloadable;
  
  a Downloadable identifier for performing a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;
  
  a database manager for retrieving security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; and
  
  a transmitter coupled with said receiver, for transmitting the incoming Downloadable and a representation of the retrieved Downloadable security profile data to a destination computer, via a transport protocol transmission.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The system of claim 22 wherein the Downloadable includes an applet.
  - 24. The system of claim 22 wherein the Downloadable includes an active control.
  - 25. The system of claim 22 wherein the Downloadable includes program script.
  - 26. The system of claim 22 wherein suspicious computer operations include calls made to an operating system, a file system, a network system, and to memory.
  - 27. The system of claim 22 wherein the Downloadable security profile data includes a URL from where the Downloadable originated.
  - 28. The system of claim 22 wherein the Downloadable security profile data includes a digital certificate.

29. A computer-readable storage medium storing program code for causing at least one computing device to:
- receive an incoming Downloadable;
  
  perform a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;
  
  retrieve security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable;
  
  append a representation of the retrieved Downloadable security profile data to the incoming Downloadable, to generate an appended Downloadable; and
  
  transmit the appended Downloadable to a destination computer.

30. A computer-readable storage medium storing program code for causing at least one computing device to:
- receive an incoming Downloadable;
  
  perform a hashing function on the incoming Downloadable to compute an incoming Downloadable ID;
  
  retrieve security profile data for the incoming Downloadable from a database of Downloadable security profiles indexed according to Downloadable IDs, based on the incoming Downloadable ID, the security profile data including a list of suspicious computer operations that may be attempted by the Downloadable; and
  
  transmit the incoming Downloadable and a representation of the retrieved Downloadable security profile data to a destination computer, via a transport protocol transmission.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Finjan Holdings, Inc. (SoftBank Group Corp.)
Original Assignee
Finjan Software Limited (SoftBank Group Corp.)
Inventors
Vered, Nimrod Itzhak, Touboul, Shlomo, Kroll, David R., Edery, Yigal Mordechai
Primary Examiner(s)
Revak; Christopher A

Application Number

US11/370,114
Publication Number

US 20060149968A1
Time in Patent Office

1,337 Days
Field of Search

None
US Class Current

713/181
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/52   during program execution, e...

G06F 2221/2119   Authenticating web pages, e...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/1441   Countermeasures against mal...

H04L 63/145   the attack involving the pr...

H04L 63/168   above the transport layer

Method and system for protecting a computer and a network from hostile downloadables

First Claim

7 Assignments

Litigations

5 Petitions

Accused Products

Abstract

105 Citations

30 Claims

Specification

30 Family Members

Thank you for your feedback