U.S. patents available from 1976 to present.
U.S. patent applications available from 2005 to present.

Icon_funbox Quotables

"Man will not fly for 50 years."

Wilbur Wright ; 1901

Newsletter  PatentStorm News

Make the Most of PatentStorm

See this month's Top Inventors and Most Cited Patents.

Stay on top of the latest patents by subscribing to an RSS feed.

Got questions? Ask a Patent Expert!

Registered users: Manage your profile, comments and alerts.

 

Class 726/22 - MONITORING OR SCANNING OF SOFTWARE OR DATA INCLUDING ATTACK PREVENTION


Subclass of Class 726 - Information security
Definition: Subject matter comprising systems, methods, and apparatus
No. of patents: 724
Last issue date: 03/16/2010


1                      
NumberTitleIssue Date
7681234Preventing phishing attacks
A system for protecting against information security breaches comprises a credential module that maintains a list of protected security credentials that are each associated with a known computing system and that detects when a security credential in the list is used...
03/16/2010
7673340System and method for analyzing system user behavior
A system and method for monitoring and analyzing user activity of an interactive system, providing insight and recommendations to improve the interactive system based on the user activity. The present invention analyzes user behavior in the context of the structure ...
03/02/2010
7669238Evidence-based application security
Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g...
02/23/2010
7669242Agent presence monitor configured to execute in a secure environment
Embodiments of a method and system for detecting and confirming an agent presence are disclosed herein. The agent presence can be confirmed by a secure management engine configured to execute in a secure execution environment. In various embodiments, a secure execut...
02/23/2010
7669240Apparatus, method and program to detect and control deleterious code (virus) in computer network
A detection and response system including a set of algorithms for detection within a stream of normal computer traffic a subset of TCP packets with one IP Source Address (SA), one Destination Port (DP), and a number exceeding a threshold of distinct Destination Addr...
02/23/2010
7669239Secure network system and associated method of use
A network computer system for providing security that includes a monitoring function for the network computer system utilizing compartments that can be logical or separate physical hardware, at least one outside server for an untrusted computer network, e.g., global...
02/23/2010
7669243Method and system for detection and neutralization of buffer overflow attacks
A method for detecting a stack buffer overflow attack is provided that includes receiving a memory access request from a processor core of a system, and determining that the memory access request indicates a stack buffer overflow attack. The method may further inclu...
02/23/2010
7669237Enterprise-wide security system for computer devices
A system and method for securing data in mobile devices includes a computing node and a plurality of mobile devices. A node security program executed in the computing node interfaces with a device security program executed at a mobile device. The computing node is r...
02/23/2010
7669241Streaming algorithms for robust, real-time detection of DDoS attacks
A distinct-count estimate is obtained in a guaranteed small footprint using a two level hash, distinct count sketch. A first hash fills the first-level hash buckets with an exponentially decreasing number of data-elements. These are then uniformly hashed to an array...
02/23/2010
7665133System and method for monitoring processing in a document processing peripheral
This invention is directed to a system and method for monitoring the processes of a document processing peripheral, including unauthorized access thereof. More particularly, this invention is directed to a system and method for monitoring the processes of a document...
02/16/2010
7665134Profiling users based on artificially constructed deceptive content
Profiling a user is disclosed. The user's behavior with respect to specially designed content comprised of one or more units of content is monitored. The specially designed content is designed such that one or more characteristics of the user may be inferred based a...
02/16/2010
7665135Detecting and addressing network attacks
A method and system are provided for preventing network service shutdowns resulting from denial of service (DOS) attacks. First, parameters are monitored corresponding to network elements carrying communication signal traffic in a communications network, and, based ...
02/16/2010
7665136Method and apparatus for detecting hidden network communication channels of rootkit tools
Methods and apparatuses for detecting hidden network channels of rootkit tools are described. In one embodiment, critical endpoint events detected at an endpoint computer system are selectively logged to an endpoint database. Also, critical network events associated...
02/16/2010
7661134Apparatus, methods and articles of manufacture for securing computer networks
Apparatus, methods, and articles of manufacture are claimed for securing, maintaining, monitoring and controlling computer networks and clients located therein by use of client hash code tables, which are stored on a server. Clients subsequently provide client state...
02/09/2010
7661137Distributed computation in untrusted computing environments using distractive computational units
An apparatus, program product and method initiate the execution of distractive computational units along with the execution of other computational units on an untrusted computer to inhibit the reconstitution of a computation by an untrusted party. In particular, alo...
02/09/2010
7661135Apparatus, system, and method for gathering trace data indicative of resource activity
An apparatus, system, and method are provided for gathering trace data indicative of resource activity on a computer system. The present invention includes a monitoring module that initiates one or more activity monitors on a target computer system to detect differe...
02/09/2010
7661136Detecting anomalous web proxy activity
A method, system and apparatus for detecting anomalous web proxy activity by end-users are disclosed. The techniques include analyzing records from a web proxy log and determining whether the records contain anomalous end-user activity by inspecting a uniform resour...
02/09/2010
7657936Method for preventing time of check to time of use exploits
A method for preventing time of check to time of use exploits includes receiving a system call from a user space at a system call intercept and copying user space parameters from the user space to a kernel space responsive to the system call. The method also include...
02/02/2010
7657934Architecture to thwart denial of service attacks
A monitoring device is disposed to thwart denial of service attacks on a data center. The monitoring device is a device that collects statistical information on packets that are sent between a network and the data center for a plurality of customers by examining tra...
02/02/2010
7657935System and methods for detecting malicious email transmission
A system and methods of detecting an occurrence of a violation of an email security policy of a computer system. A model relating to the transmission of prior emails through the computer system is defined which is derived from statistics relating to the prior emails...
02/02/2010
7653940Tracing and identifying piracy in wireless digital rights management system
Provides methods for tracing and identifying a piracy in a wireless rights management system, wherein the content provider allow the protected digital content to be super-distributed, when unauthorized holding a pirated copy of the protected digital content is detec...
01/26/2010
7653941System and method for detecting an infective element in a network environment
A method for detecting an infective element in a network environment is provided that includes detecting, by a first computer, an infective element within a second computer. A signal is generated and communicated that identifies the second computer as being associat...
01/26/2010
7647634Managing access to a network
One embodiment of the invention is directed to managing access of a host computer to a network. A first communication session with the host computer may be conducted to authenticate the host computer's identity. A second communication session with the host computer ...
01/12/2010
7647633Malicious mobile code runtime monitoring system and methods
Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java™ applets, ActiveX™ con...
01/12/2010
7647631Automated user interaction in application assessment
Various embodiments of systems, methods, software tools, etc. for performing an assessment of an application are provided. One embodiment comprises a method for performing an assessment of a web application. One such method comprises: recording user interactions wit...
01/12/2010
7647632Object reference in a system
A system can be configured using configuration objects that have the ability to refer to one another. In one embodiment, the present invention includes such a system having a plurality of objects used to configure the system, each object having a uniform resource id...
01/12/2010
7644438Security event aggregation at software agent
A network security system can have a plurality of distributed software agents configured to collect security events from network devices. In one embodiment, the agents are configured to aggregate the security events. In one embodiment of the present invention, an ag...
01/05/2010
7640585Intrusion detection sensor detecting attacks against wireless network and system and method of detecting wireless network intrusion
An intrusion detection system and method of a wireless network providing wireless communication to one or more wireless terminal, and an intrusion detection sensor capable of detecting attacks against wireless network are provided. The intrusion detection system of ...
12/29/2009
7640584System and method for enhancing computer security
A method for enhancing security of a computer system is provided. The computer system may include a plurality of microprocessors and a security management processor for managing execution of applications in isolation on the plurality of microprocessors. Each of the ...
12/29/2009
7640583Method and system for protecting anti-malware programs
In general, embodiments of the present invention provide protection for anti-malware software programs (also referred to herein as anti-malware) that is in addition to the protection that currently exists. In particular, instead of only protecting anti-malware progr...
12/29/2009
7636943Method and system for detecting blocking and removing spyware
In one aspect, the present invention is directed to a method for detecting spyware activity, the method comprises the steps of: monitoring outgoing communication data sent from a user's computer; searching for predefined keywords within the communication data; indic...
12/22/2009
7636942Method and system for detecting denial-of-service attack
A monitoring device monitors a packet transmitted to a communication device that is a target of the denial-of-service attack, and detects traffic abnormality information indicating an abnormality of traffic due to the packet with respect to the communication device....
12/22/2009
7636944Method and apparatus for detecting and responding to email based propagation of malicious software in a trusted network
Embodiments of the invention provide a method and an apparatus for detecting and responding to email based propagation of malicious software (malware) in a trusted network. One embodiment provides a detector decoy email account to serve as generic bait for malicious...
12/22/2009
7634807System and method to establish and maintain conditional trust by stating signal of distrust
A system and method is provided that establishes and maintains conditional trust by stating a signal of distrust from a trustee's computing platform to a trustor's computing platform. The trustor attests a trustee at a given time and also sends trust conditions to t...
12/15/2009
7634808Method and apparatus to block fast-spreading computer worms that use DNS MX record queries
Parameters of DNS transactions associated with DNS MX record queries, which may be performed by mass-mailing worms from a host computer system, are detected at a DNS proxy and collected. An outbound SMTP transaction, such as an e-mail message, received at an SMTP pr...
12/15/2009
7634811Validation of secure sockets layer communications
Computer-implemented methods, apparati, and computer-readable media for thwarting computer attacks. A method embodiment of the present invention comprises the steps of examining (52) a digital certificate (20) presented by a server computer (2);...
12/15/2009
7634810Phishing detection, prevention, and notification
Phishing detection, prevention, and notification is described. In an embodiment, a messaging application facilitates communication via a messaging user interface, and receives a communication, such as an email message, from a domain. A phishing detection module dete...
12/15/2009
7634809Detecting unsanctioned network servers
An enterprise network can have sanctioned and unsanctioned servers on it. Sanctioned servers are approved by an administrator and perform tasks such as web page serving and mail routing. Unsanctioned servers are not approved by the administrator and represent possib...
12/15/2009
7634806Peer assembly inspection
A method and system for preventing undesired behaviors by executable code modules in a peer-to-peer computer system are provided. When a code module is received, an assembly inspection module queries a blacklist for the received code module. When the received code m...
12/15/2009
7631353Blocking replication of e-mail worms
Computer-implemented methods, apparati, and computer-readable media for blocking the replication of computer worms in a computer. A method of the present invention comprises the steps of: for an e-mail program installed on the computer, finding the location of a tem...
12/08/2009
1                      
 
Forgot password?
Register here