[go: up one dir, main page]

GB2380303A - System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages - Google Patents

System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages

Info

Publication number
GB2380303A
GB2380303A GB0230154A GB0230154A GB2380303A GB 2380303 A GB2380303 A GB 2380303A GB 0230154 A GB0230154 A GB 0230154A GB 0230154 A GB0230154 A GB 0230154A GB 2380303 A GB2380303 A GB 2380303A
Authority
GB
United Kingdom
Prior art keywords
programs
data
hotel
guest
default
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB0230154A
Other versions
GB0230154D0 (en
GB2380303B (en
Inventor
Yaron Mayer
Zak Dechovich
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB0510759A priority Critical patent/GB2411747B/en
Priority to GB0510762A priority patent/GB2411748B/en
Publication of GB0230154D0 publication Critical patent/GB0230154D0/en
Publication of GB2380303A publication Critical patent/GB2380303A/en
Priority to GB0506281A priority patent/GB2411988B/en
Application granted granted Critical
Publication of GB2380303B publication Critical patent/GB2380303B/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Malicious software attacks (such as stealing data, changing data or destroying data) on personal computers and/or servers and/or other computerized gadgets (especially through the Internet) are becoming more and more common and more and more dangerous, causing damages of tens of billions of dollars each year. The state-of the-art solutions are inherently limited because they solve only a limited number of problems on the surface, instead of going deeply into the roots of the problem. The most common solutions are Anti-viruses and Network firewalls. Anti-viruses are limited because they can only detect known viruses or worms that have already been identified (usually after they have already attacked many computers). Network firewalls are based on packet filtering, which is limited in principle, since the rules of which packets to accept or not may contain for example subjective decisions based on trusting certain sites or certain applications. However, once security is breached for any reason, for example due to an error or intended deception, a hostile application may take over the computer or server or the entire network and create unlimited damages (directly or by opening the door to additional malicious applications). They are also not effective against security holes for example in browsers or e-mail programs or in the operating system itself. According to an article in ZDnet from Jan 24, 2001, security holes in critical applications are discovered so often that just keeping up with all the patches is impractical. Also, without proper generic protection for example against Trojan horses, which can identify any malicious program without prior knowledge about it, even VPNs (Virtual Private Networks) and other form of data encryption, including digital signatures, are not really safe because the info can be stolen before or below the encryption. The present invention creates a general generic comprehensive solution by going deeply into the roots of the problem. One of the biggest absurdities of the state-of-the-art situation is that by default programs are allowed to do whatever they like to other programs or to their data files or to critical files of the operating system, which is as absurd as letting a guest in a hotel bother any other guests as he pleases, steal their property or copy it or destroy it, destroy their rooms, etc., or for example have free access to the hotel's safe or electronic switchboard or phone or elevator control room. The present concept is based on automatic segregation between programs: It is like limiting each guest by default to his room and limiting by default his access to the Hotel's strategic resources, so that only by explicit permission each guest can get additional privileges.
GB0230154A 2000-05-28 2001-05-28 System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages Expired - Lifetime GB2380303B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
GB0510759A GB2411747B (en) 2000-05-28 2001-05-28 System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
GB0510762A GB2411748B (en) 2000-05-28 2001-05-28 System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
GB0506281A GB2411988B (en) 2000-05-28 2005-03-29 System and method for comprehensive general generic protection for computers against malicious programs that may stael information and/or cause damages

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
IL13641400 2000-05-28
US20959300P 2000-06-06 2000-06-06
US28401901P 2001-04-15 2001-04-15
PCT/IL2001/000487 WO2001092981A2 (en) 2000-05-28 2001-05-28 System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages

Publications (3)

Publication Number Publication Date
GB0230154D0 GB0230154D0 (en) 2003-02-05
GB2380303A true GB2380303A (en) 2003-04-02
GB2380303B GB2380303B (en) 2005-09-14

Family

ID=27271933

Family Applications (2)

Application Number Title Priority Date Filing Date
GB0230154A Expired - Lifetime GB2380303B (en) 2000-05-28 2001-05-28 System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
GB0506281A Expired - Lifetime GB2411988B (en) 2000-05-28 2005-03-29 System and method for comprehensive general generic protection for computers against malicious programs that may stael information and/or cause damages

Family Applications After (1)

Application Number Title Priority Date Filing Date
GB0506281A Expired - Lifetime GB2411988B (en) 2000-05-28 2005-03-29 System and method for comprehensive general generic protection for computers against malicious programs that may stael information and/or cause damages

Country Status (7)

Country Link
EP (1) EP1305688A2 (en)
JP (1) JP2003535414A (en)
CN (1) CN1444742A (en)
AU (1) AU6263201A (en)
CA (1) CA2424352A1 (en)
GB (2) GB2380303B (en)
WO (1) WO2001092981A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2404262A (en) * 2003-06-19 2005-01-26 Yaron Mayer Protection for computers against malicious programs using a security system which performs automatic segregation of programs

Families Citing this family (63)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030159070A1 (en) * 2001-05-28 2003-08-21 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US7613930B2 (en) 2001-01-19 2009-11-03 Trustware International Limited Method for protecting computer programs and data from hostile code
EP1225513A1 (en) 2001-01-19 2002-07-24 Eyal Dotan Method for protecting computer programs and data from hostile code
US7028305B2 (en) 2001-05-16 2006-04-11 Softricity, Inc. Operating system abstraction and protection layer
JP2004126854A (en) * 2002-10-01 2004-04-22 Mitsubishi Electric Corp Attack countermeasure device
US7793346B1 (en) 2003-01-17 2010-09-07 Mcafee, Inc. System, method, and computer program product for preventing trojan communication
WO2004075060A1 (en) * 2003-02-21 2004-09-02 Tabei, Hikaru Computer virus detection device
KR20060069791A (en) * 2003-05-07 2006-06-22 레반타 인코포레이티드 Detection and warning of viruses in shared, read-only file systems
US7188127B2 (en) 2003-10-07 2007-03-06 International Business Machines Corporation Method, system, and program for processing a file request
US7730318B2 (en) * 2003-10-24 2010-06-01 Microsoft Corporation Integration of high-assurance features into an application through application factoring
US20050091658A1 (en) * 2003-10-24 2005-04-28 Microsoft Corporation Operating system resource protection
US7111246B2 (en) * 2004-02-17 2006-09-19 Microsoft Corporation User interface accorded to tiered object-related trust decisions
US8332943B2 (en) 2004-02-17 2012-12-11 Microsoft Corporation Tiered object-related trust decisions
KR100596135B1 (en) * 2004-02-24 2006-07-03 소프트캠프(주) Access Control System for Each Application Using Virtual Disk and Its Control Method
US7406606B2 (en) * 2004-04-08 2008-07-29 International Business Machines Corporation Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis
US20050259678A1 (en) * 2004-05-21 2005-11-24 Gaur Daniel R Network interface controller circuitry
JP4638494B2 (en) * 2004-08-21 2011-02-23 ファン・コ−チェン Computer data protection methods
US20060041940A1 (en) * 2004-08-21 2006-02-23 Ko-Cheng Fang Computer data protecting method
CN100461091C (en) * 2004-08-24 2009-02-11 华盛顿大学 Method and system for content detection with reconfigurable hardware
US7587594B1 (en) 2004-08-30 2009-09-08 Microsoft Corporation Dynamic out-of-process software components isolation for trustworthiness execution
US7690033B2 (en) 2004-09-28 2010-03-30 Exobox Technologies Corp. Electronic computer system secured from unauthorized access to and manipulation of data
JP4688472B2 (en) * 2004-11-01 2011-05-25 株式会社エヌ・ティ・ティ・ドコモ Terminal control apparatus and terminal control method
US7478237B2 (en) * 2004-11-08 2009-01-13 Microsoft Corporation System and method of allowing user mode applications with access to file data
US7712086B2 (en) * 2004-12-15 2010-05-04 Microsoft Corporation Portable applications
US7654590B2 (en) 2005-01-04 2010-02-02 Illinois Tool Works, Inc. Magnetic appliance latch
US7490352B2 (en) * 2005-04-07 2009-02-10 Microsoft Corporation Systems and methods for verifying trust of executable files
ATE448625T1 (en) 2005-04-18 2009-11-15 Research In Motion Ltd METHOD AND SYSTEM FOR DETECTING MALICIOUS WIRELESS APPLICATIONS
US7665098B2 (en) 2005-04-29 2010-02-16 Microsoft Corporation System and method for monitoring interactions between application programs and data stores
CN100346252C (en) * 2005-09-28 2007-10-31 珠海金山软件股份有限公司 Device and method for repairing computer software security loopholes
US7917487B2 (en) 2005-12-13 2011-03-29 Microsoft Corporation Portable application registry
CN1909453B (en) * 2006-08-22 2011-04-20 深圳市深信服电子科技有限公司 Gateway/bridge based spy software invading-proof method
US7870336B2 (en) 2006-11-03 2011-01-11 Microsoft Corporation Operating system protection against side-channel attacks on secrecy
US20100071063A1 (en) * 2006-11-29 2010-03-18 Wisconsin Alumni Research Foundation System for automatic detection of spyware
EP2015212A1 (en) * 2007-06-29 2009-01-14 Axalto SA Portable mass storage device with hooking process
CN101370305B (en) * 2008-09-23 2011-10-26 中兴通讯股份有限公司 Method and system for protecting data traffic security
US8719901B2 (en) * 2008-10-24 2014-05-06 Synopsys, Inc. Secure consultation system
US8695090B2 (en) * 2008-10-31 2014-04-08 Symantec Corporation Data loss protection through application data access classification
US8850428B2 (en) 2009-11-12 2014-09-30 Trustware International Limited User transparent virtualization method for protecting computer programs and data from hostile code
US9311482B2 (en) * 2010-11-01 2016-04-12 CounterTack, Inc. Inoculator and antibody for computer security
US20130067578A1 (en) * 2011-09-08 2013-03-14 Mcafee, Inc. Malware Risk Scanner
US9043918B2 (en) * 2011-10-13 2015-05-26 Mcafee, Inc. System and method for profile based filtering of outgoing information in a mobile environment
RU2477520C1 (en) 2012-03-14 2013-03-10 Закрытое акционерное общество "Лаборатория Касперского" System and method for device configuration-based dynamic adaptation of antivirus application functional
US8732834B2 (en) * 2012-09-05 2014-05-20 Symantec Corporation Systems and methods for detecting illegitimate applications
WO2014153760A1 (en) * 2013-03-28 2014-10-02 Irdeto B.V. Detecting exploits against software applications
CN103729937A (en) * 2013-12-20 2014-04-16 广西科技大学 Electric vehicle charging and billing monitor system
CN103906045B (en) * 2013-12-25 2017-12-22 武汉安天信息技术有限责任公司 A kind of monitoring method and system of mobile terminal privacy taking and carring away
CN105162620B (en) * 2015-08-04 2018-11-27 南京百敖软件有限公司 A method of realizing system monitoring under different framework
US10303878B2 (en) * 2016-01-22 2019-05-28 Yu-Liang Wu Methods and apparatus for automatic detection and elimination of functional hardware trojans in IC designs
CN106020874A (en) * 2016-05-13 2016-10-12 北京金山安全软件有限公司 Data reporting method and device and terminal equipment
CN106598866A (en) * 2016-12-22 2017-04-26 合肥国信车联网研究院有限公司 smali intermediate language-based static detection system and method
CN106599708A (en) * 2017-02-21 2017-04-26 柳州桂通科技股份有限公司 Real-time access method for preventing visitors from maliciously destroying original data when exchange-accessing between networks and system thereof
KR102405752B1 (en) * 2017-08-23 2022-06-08 삼성전자주식회사 Method for controlling the permission of application program and electronic device
CN108217349B (en) * 2017-12-06 2020-10-13 上海新时达电气股份有限公司 Elevator pre-authorization control system and debugging method
CN108345522B (en) * 2017-12-15 2019-03-29 清华大学 Method, device and system for security detection of central processing unit (CPU)
US10742483B2 (en) 2018-05-16 2020-08-11 At&T Intellectual Property I, L.P. Network fault originator identification for virtual network infrastructure
US11561781B2 (en) * 2018-06-26 2023-01-24 Siemens Aktiengesellschaft Method and system for determining an appropriate installation location for an application to be installed in a distributed network environment
DE102018120344B4 (en) * 2018-08-21 2024-11-21 Pilz Gmbh & Co. Kg Automation system for monitoring a safety-critical process
EP3623886A1 (en) * 2018-09-17 2020-03-18 Siemens Aktiengesellschaft Method for managing a production process, and computer program for carrying out the method and electronically readable data carrier
DE102020114199A1 (en) 2020-05-27 2021-12-02 Basler Aktiengesellschaft Protection of computer systems against manipulation and functional anomalies
CN112600757B (en) * 2020-12-25 2023-03-10 深圳深度探测科技有限公司 Safety maintenance method based on asymmetric data transmission speed limiter
US12542805B2 (en) 2021-05-12 2026-02-03 Red Bend Ltd. Detecting and mitigating Bluetooth based attacks
CN114821314B (en) * 2022-04-19 2024-03-08 中铁建设集团有限公司 Airport pavement anomaly detection method based on machine vision
CN118659935A (en) * 2024-08-20 2024-09-17 潍坊众索信息技术有限公司 A computer abnormal login detection method and system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5684875A (en) * 1994-10-21 1997-11-04 Ellenberger; Hans Method and apparatus for detecting a computer virus on a computer
US5765030A (en) * 1996-07-19 1998-06-09 Symantec Corp Processor emulator module having a variable pre-fetch queue size for program execution
US5832208A (en) * 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers
US6105072A (en) * 1993-08-10 2000-08-15 Fischer; Addison M. Method and apparatus for validating travelling object-oriented programs with digital signatures
US6108799A (en) * 1997-11-21 2000-08-22 International Business Machines Corporation Automated sample creation of polymorphic and non-polymorphic marcro viruses
US6256773B1 (en) * 1999-08-31 2001-07-03 Accenture Llp System, method and article of manufacture for configuration management in a development architecture framework

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002533791A (en) * 1998-09-10 2002-10-08 サンクタム、リミテッド Method and system for maintaining a restricted operating environment of an application program or operating system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5440723A (en) * 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US6105072A (en) * 1993-08-10 2000-08-15 Fischer; Addison M. Method and apparatus for validating travelling object-oriented programs with digital signatures
US5684875A (en) * 1994-10-21 1997-11-04 Ellenberger; Hans Method and apparatus for detecting a computer virus on a computer
US5765030A (en) * 1996-07-19 1998-06-09 Symantec Corp Processor emulator module having a variable pre-fetch queue size for program execution
US5832208A (en) * 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers
US6108799A (en) * 1997-11-21 2000-08-22 International Business Machines Corporation Automated sample creation of polymorphic and non-polymorphic marcro viruses
US6256773B1 (en) * 1999-08-31 2001-07-03 Accenture Llp System, method and article of manufacture for configuration management in a development architecture framework

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2404262A (en) * 2003-06-19 2005-01-26 Yaron Mayer Protection for computers against malicious programs using a security system which performs automatic segregation of programs
GB2404262B (en) * 2003-06-19 2008-03-05 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages

Also Published As

Publication number Publication date
EP1305688A2 (en) 2003-05-02
CA2424352A1 (en) 2001-12-06
WO2001092981A3 (en) 2002-04-25
JP2003535414A (en) 2003-11-25
GB2411988B (en) 2005-10-19
GB0230154D0 (en) 2003-02-05
GB0506281D0 (en) 2005-05-04
HK1084738A1 (en) 2006-08-04
GB2411988A (en) 2005-09-14
WO2001092981A2 (en) 2001-12-06
HK1084739A1 (en) 2006-08-04
GB2380303B (en) 2005-09-14
CN1444742A (en) 2003-09-24
AU6263201A (en) 2001-12-11

Similar Documents

Publication Publication Date Title
GB2380303A (en) System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
EP0787397B1 (en) System and method for providing secure internetwork services
US9325738B2 (en) Methods and apparatus for blocking unwanted software downloads
US20120023593A1 (en) System and method for filtering internet content & blocking undesired websites by secure network appliance
US20110296164A1 (en) System and method for providing secure network services
US7793094B2 (en) HTTP cookie protection by a network security device
Kumar et al. Implementation of firewall & intrusion detection system using pfSense to enhance network security
Abid Shahzad et al. Protecting from zero-day malware attacks
Ali et al. Cyber security: Challenges, threats and protective measures of an organization
JP2000354034A (en) Business: hacker monitoring chamber
Aich et al. Study on cloud security risk and remedy
Pathak Cybercrime: A global threat to cybercommunity
Sousa A Review on Cyber Attacks and Its Preventive Measures
Rohilla et al. Comparison of Cloud Computing Security Threats and Their Counter Measures
Campbell Protection of systems
Saraf et al. Security threats and mitigation techniques affecting trust computation in cloud computing
Deng et al. TNC-UTM: A holistic solution to secure enterprise networks
Machap et al. Assessing tools to analyze the techniques and mechanism for network risk minimization
Amuthadevi et al. A Study on Web Application Vulnerabilities to find an optimal Security Architecture
McCormack Five stages of a web malware attack
Rosenberry Protecting Your Corporate Network from Your Employee's Home Systems
Macaulay Disrupting the Disruptors: How Cybersecurity Can Confront Hackers and a Skilled Worker Shortage with Its Own Disruptive Technologies.
Franklin Protecting the web server and applications
Alukwe Enhancing Cybersecurity: Smart Intrusion Detection in File Server SYSTEMS
Wang Optimal Design of Data Center Network Security Architecture

Legal Events

Date Code Title Description
732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20090528

S28 Restoration of ceased patents (sect. 28/pat. act 1977)

Free format text: APPLICATION FILED

S28 Restoration of ceased patents (sect. 28/pat. act 1977)

Free format text: RESTORATION ALLOWED

Effective date: 20110328

732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20190307 AND 20190313

PE20 Patent expired after termination of 20 years

Expiry date: 20210527