Analyzing data gathered through different protocols
First Claim
1. A method of performing a security analysis of a set of data received on a mobile communications device, the method comprising:
- on a mobile communications device having multiple network hardware interfaces for receiving data, in response to receipt of the set of data by the mobile communications device through a first type of network hardware interface and a second type of network hardware interface, gathering information about the set of data received by the mobile communications device, a first subset of the set of data received at the first type of network hardware interface and a second subset of the set of data received at the second type of network hardware interface having different protocols;
based upon the gathering step, assigning a first protocol to the first subset of data received from the first type of network hardware interface and assigning a second protocol to the second subset of data received from the second type of network hardware interface; and
performing a common security analysis on at least a part of the data received from each of the first and second types of network hardware interfaces to determine whether the set of data received by the mobile communications device is safe or malicious, the common security analysis including;
analyzing the first subset of data formatted according to the first protocol using a first protocol analysis component, andanalyzing the second subset of data formatted according to the second protocol using a second protocol analysis component.
8 Assignments
0 Petitions
Accused Products
Abstract
A security analysis of data received on a mobile communications device includes gathering information about the data through at least two of multiple network interfaces, each of the at least two network interfaces having different protocols. Based upon the gathering, a first protocol is assigned to the data received from a first of the at least two network interfaces. A second protocol is assigned to the data received from a second of the at least two network interfaces. A common security analysis is performed on at least a part of the data received from each of the first and second network interfaces to determine whether the data received by the mobile communications device is safe or malicious.
281 Citations
25 Claims
-
1. A method of performing a security analysis of a set of data received on a mobile communications device, the method comprising:
-
on a mobile communications device having multiple network hardware interfaces for receiving data, in response to receipt of the set of data by the mobile communications device through a first type of network hardware interface and a second type of network hardware interface, gathering information about the set of data received by the mobile communications device, a first subset of the set of data received at the first type of network hardware interface and a second subset of the set of data received at the second type of network hardware interface having different protocols; based upon the gathering step, assigning a first protocol to the first subset of data received from the first type of network hardware interface and assigning a second protocol to the second subset of data received from the second type of network hardware interface; and performing a common security analysis on at least a part of the data received from each of the first and second types of network hardware interfaces to determine whether the set of data received by the mobile communications device is safe or malicious, the common security analysis including; analyzing the first subset of data formatted according to the first protocol using a first protocol analysis component, and analyzing the second subset of data formatted according to the second protocol using a second protocol analysis component. - View Dependent Claims (2, 3)
-
-
4. A method of performing a security analysis of a set of data to be transmitted using two different types of network hardware interfaces of a mobile communications device, the method comprising:
-
in response to a request to transmit the set of data to be transmitted from the mobile communications device, gathering information about the set of data to be transmitted by the mobile communications device, the set of data to include a first subset of data for a first type of network hardware interface and a second subset of data for a second type of network hardware interface; identifying a first protocol of the first subset of data to be transmitted and a second protocol of the second subset of data to be transmitted; and performing a common security analysis on at least a part of the data to be transmitted using each of the two types of network hardware interfaces to determine whether the set of data to be transmitted by the mobile communications device is safe or malicious, the common security analysis including; analyzing the first subset of data formatted according to the first protocol using a first protocol analysis component, and analyzing the second subset of data formatted according to the second protocol using a second protocol analysis component. - View Dependent Claims (5, 6)
-
-
7. A method of determining whether to allow or deny use of a set of data received using two different types of network hardware interfaces of a mobile communications device, the method comprising:
-
in response to a request for the mobile communications device to use the received data, identifying a first protocol of a first subset of the data received from a first of the two types of network hardware interfaces and identifying a second protocol of a second subset of the data received from a second of the two types of network hardware interfaces; performing a common security analysis on at least a part of the data received using each of the two network hardware interfaces according to their respective identified protocols, the common security analysis including; analyzing the first subset of data formatted according to the first protocol using a first protocol analysis component, and analyzing the second subset of data formatted according to the second protocol using a second protocol analysis component; and permitting further use of the received set of data based a determination of whether the data received by the mobile communications device is safe or malicious. - View Dependent Claims (8, 9)
-
-
10. A method of determining whether to allow or deny transmission of a set of data using two different types of network hardware interfaces of a mobile communications device, the method comprising:
-
in response to a request to transmit the set of data from the mobile communications device, identifying a first and a second protocol of the data to be transmitted, the first and second protocols corresponding to a first type and a second type of network hardware interface; performing a common security analysis on at least a part of the data to be transmitted using each of the two types of network interfaces according to their respective identified protocols, the common security analysis including; analyzing a first subset of data formatted according to the first protocol using a first protocol analysis component, and analyzing a second subset of data formatted according to the second protocol using a second protocol analysis component; and allowing or denying transmission of the set of data to be transmitted based upon a determination of whether the data to be transmitted by the mobile communications device is safe or malicious. - View Dependent Claims (11, 12)
-
-
13. A method comprising:
-
on a mobile communications device that employs two different types of network hardware interfaces each type employing a different communications protocol, wherein a communications protocol is for receiving and processing data by mobile communications device operating system sub-systems, at a mobile communications device security system, receiving a set of data from the two network interface sources and in the two communications protocols; in response to the interception or detection of the set of data received using the two network hardware interface sources, at the mobile communications device security system, before the set of received data is allowed to reach a downstream destination, identifying at least the two communications protocols; at the mobile communications device security system, based at least in part upon the identified communications protocols, performing a common security analysis on at least part of the received data of each of the two network hardware interfaces to determine if the set of received data should be allowed to reach the downstream destination based upon whether the set of data received by the mobile communications device is safe or malicious, the common security analysis including; analyzing a first subset of the received data formatted according to a first identified communications protocol using a first protocol analysis component, and analyzing a second subset of the received data formatted according to a second identified communications protocol using a second protocol analysis component. - View Dependent Claims (14, 15)
-
-
16. A method comprising:
-
on a mobile communications device that employs at least two different communications protocols for processing data by mobile communications device operating system sub-systems, and that employs at least two different types of network hardware interfaces for sending data, at a mobile communications device security system, receiving a set of data from the mobile communications device operating system sub-systems for transmitting using a first type and a second type of network hardware interface node and in first and second different communications protocols corresponding to the first and second types of network hardware interface nodes on the mobile communications device to a downstream destination; in response to a request to transmit the set of data through the first and second network hardware interface nodes, at the mobile communications device security system, before the data to be transmitted by the mobile communications device security system is transmitted to the downstream destination, identifying at least the first and second communications protocols; at the mobile communications device security system, performing a common security analysis on the set of data to be transmitted, based upon each of its identified communications protocols, to determine if the set of data to be transmitted should be allowed to reach the downstream destination based upon whether the set of data received by the mobile communications device is safe or malicious, the common security analysis including; analyzing a first subset of the set of data formatted according to the first identified communications protocol using a first protocol analysis component, and analyzing a second subset of the set of data formatted according to the second identified communications protocol using a second protocol analysis component. - View Dependent Claims (17, 18)
-
-
19. A method comprising:
-
on a mobile communications device that employs multiple communications protocols for processing data by mobile communications device operating system sub-systems, and that employs multiple network interfaces for receiving and sending data, at a mobile communications device security system, receiving a first subset of a set of data from a first mobile communications device operating system sub-system, and in response to receiving the first subset of data from the first mobile communications device operating system sub-system, identifying a first communications protocol for the first subset of data corresponding to the first mobile communications device operating system sub-system; in response to a request to transmit the set of data to a second mobile communications device operating system sub-system, the second sub-system being a type of sub-system different from the first, before the set of data to be transmitted is transmitted to the second mobile communications device operating system sub-system, at the mobile communications device security system, identifying a second communications protocol for a second subset of the set of data corresponding to the second mobile communications device operating system sub-system; based upon the identified first protocol for the first subset of data and the identified second protocol for the second subset of data, respectively, performing a common security analysis of at least a part of the received data and of at least a part of the data to be transmitted to determine whether the set of data to be transmitted should be allowed to reach the second mobile communications device operating system sub-system based upon whether the set of data to be transmitted by the mobile communications device is safe or malicious, the common security analysis including; analyzing the first subset of data formatted according to the first communications protocol using a first protocol analysis component, and analyzing the second subset of data formatted according to the second communications protocol using a second protocol analysis component. - View Dependent Claims (20, 21, 22, 23)
-
-
24. On a mobile communications device with an operating system and operating system subsystems, a method comprising:
-
in response to the interception or detection of received data at two different types of network interfaces on the mobile communications device, before a set of the received data is permitted to proceed to its target destination with an operating system subsystem, gathering the received data and identifying a first communications protocol for a first subset of received data corresponding to a first type of network hardware interface and a second communications protocol for a second subset of received data corresponding to a second network hardware interface, the first and second types of protocols being different from each other; performing a common classification analysis on at least a part of the received data from each of the two network hardware interfaces according to the determined first communications protocol and second communications protocol to determine a classification for the set of received data, the common security analysis including; analyzing the first subset of received data formatted according to the first communications protocol using a first protocol analysis component, and analyzing the second subset of received data formatted according to the second communications protocol using a second protocol analysis component; and
,using the determined classification for the set of received data to determine whether the set of received data should either be allowed to proceed to its target destination, or be prevented from proceeding to its target destination.
-
-
25. A method of performing a dynamic security analysis of a set of data being received on a mobile communications device, the method comprising:
-
on a mobile communications device having multiple network hardware interfaces for receiving data, when receiving the set of data using a first type of network hardware interface and using a second type of network hardware interface, the data being received using the first network hardware interface having a different communications protocol from the data being received using the second network hardware interface, gathering information about the set of data being received by the mobile communications device; based upon the gathering step, assigning a first communications protocol to data being received using the first type of network hardware interface and assigning a second communications protocol to data being received using the second type of network hardware interface; and performing a common dynamic security analysis on a first subset of the set of data, the first subset assigned the first protocol, and on a second subset of the set of data, the second subset assigned the second protocol, to determine whether the set of data being received by the mobile communications device is safe or malicious, the common dynamic security analysis including; analyzing the first subset while formatted according to the first communications protocol and using a first protocol analysis component, and analyzing the second subset while formatted according to the second communications protocol using a second protocol analysis component.
-
Specification