Method to trickle and repair resources scanned using anti-virus technologies on a security gateway
First Claim
1. A computer implemented method comprising:
- receiving data from a sending computer system, said data for delivery to a target computer system;
trickling at least a portion of said data to said target computer system over an in-band communication channel;
determining whether said data contains malicious code;
upon a determination that said data contains malicious code, terminating said trickling;
determining whether said data is repairable;
upon a determination that said data is repairable, generating repaired data;
generating an out-of-band target data notification said out-of-band target data notification causing said target computer system to remove said at least a portion of said data from said target computer system;
sending said out-of-band target data notification to said target computer system over an out-of-band communication channel;
receiving an out-of-band target acknowledgment from said target computer system; and
sending said repaired data to said target computer system.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a trickle and repair application receives data from a sending computer system and trickles the data to a target computer system over an in-band communication channel. The received data is evaluated for the presence of malicious code. When malicious code is detected in the data, trickling of the data is terminated. If the infected data is repairable, the data is repaired and an out-of-band target data notification is generated and sent to the target computer system. In one embodiment, receipt of the out-of-band target data notification causes the target computer system to flush the current buffer and any local files containing the trickled data. The target computer system returns an out-of-band target acknowledgement to the trickle and repair application and the repaired data is sent to the target computer system.
236 Citations
20 Claims
-
1. A computer implemented method comprising:
-
receiving data from a sending computer system, said data for delivery to a target computer system; trickling at least a portion of said data to said target computer system over an in-band communication channel; determining whether said data contains malicious code; upon a determination that said data contains malicious code, terminating said trickling; determining whether said data is repairable; upon a determination that said data is repairable, generating repaired data; generating an out-of-band target data notification said out-of-band target data notification causing said target computer system to remove said at least a portion of said data from said target computer system; sending said out-of-band target data notification to said target computer system over an out-of-band communication channel; receiving an out-of-band target acknowledgment from said target computer system; and sending said repaired data to said target computer system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer system comprising:
-
a memory having stored therein a trickle and repair application; and a processor coupled to said memory, wherein execution of said trickle and repair application generates a method comprising; receiving data from a sending computer system, said data for delivery to a target computer system; trickling at least a portion of said data to said target computer system over an in-band communication channel; determining whether said data contains malicious code; upon a determination that said data contains malicious code, terminating said trickling; determining whether said data is repairable; upon a determination that said data is repairable, generating repaired data; generating an out-of-band target data notification, said out-of-band target data notification causing said target computer system to remove said at least a portion of said data from said target computer system; sending said out-of-band target data notification to said target computer system over an out-of-band communication channel; receiving an out-of-band target acknowledgment from said target computer system; and sending said repaired data to said target computer system.
-
-
15. A computer program product comprising a tangible computer readable medium containing computer program code comprising:
-
a trickle and repair application for receiving data from a sending computer system, said data for delivery to a target computer system; said trickle and repair application further for trickling at least a portion of said data to said target computer system over an in-band communication channel; said trickle and repair application further for determining whether said data contains malicious code; upon a determination that said data contains malicious code, said trickle and repair application further for terminating said trickling; said trickle and repair application further for determining whether said data is repairable; upon a determination that said data is repairable, said trickle and repair application further for generating repaired data; said trickle and repair application further for generating an out-of-band target data notification said out-of-band target data notification causing said target computer system to remove said at least a portion of said data from said target computer system; said trickle and repair application further for sending said out-of-band target data notification to said target computer system over an out-of-band communication channel; said trickle and repair application further for receiving an out-of-band target acknowledgment from said target computer system; and said trickle and repair application further for sending said repaired data to said target computer system. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification