Context-aware real-time computer-protection systems and methods

A context-aware technology, applied in computer security devices, computing, instruments, etc., that addresses problems such as limited effectiveness and reliability, failure to identify malicious files, and user annoyance, with the effect of minimizing performance impact.

Active Publication Date: 2010-07-14
CA TECH INC

AI Technical Summary

Problems solved by technology

While a single file scan may not unduly consume computing system resources, the number of file operations performed by current operating systems may require many more file scans, which in turn may result in significantly slower computing system performance and user annoyance.
[0002] While some security vendors have attempted to limit the performance impact of real-time file scanning solutions by skipping file scanning based on file extensions or based on whether the file is open or closed, such conventional approaches have limited effectiveness and reliability.
For example, such methods may fail to identify malicious files with file extensions that appear to be legitimate, and such methods may dedicate computing resources to scanning modified files even though there is a high probability that the modified file is not a security threat.


Embodiment Construction

[0013] As described in more detail below, the present disclosure generally relates to systems and methods for determining whether to perform real-time file scanning in response to an event of interest by examining the full context of the event of interest. Information describing or identifying the larger context in which the event of interest occurred (hereinafter referred to as "context metadata") may include, but is not limited to, information about the files involved (such as file name, file creation date, the number of times the file has been read or modified, the applications that have read or modified the file, typical usage behavior for the file, the results of previous security scans performed on the file, etc.) and information about applications related to the files (such as whether the program is a portal, whether the application generates network activity, whether the application contains known vulnerabilities, etc.).

[0014] The following will refer to figure 1 A detailed...


Abstract

The invention relates to context-aware real-time computer-protection systems and methods. A computer-implemented method for determining, in response to an event of interest, whether to perform a real-time file scan by examining the full context of the event of interest may comprise: 1) detecting an event of interest, 2) identifying at least one file associated with the event of interest, 3) accessing contextual metadata associated with the event of interest, 4) accessing at least one rule that comprises criteria for determining, based on the event of interest and the contextual metadata, whether to perform a security scan on the file, and then 5) determining, by applying the rule, whether to perform the security scan on the file. Corresponding systems and computer-readable media are also disclosed.
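The five steps of the abstract, together with the context metadata listed in paragraph [0013], can be sketched as a small first-match rule engine. This is an added example, not code from the patent or its owner: the `Event` and `Context` fields, the rule names and the rule criteria are all constructed assumptions, and the default is to scan when no rule matches.

```python
from dataclasses import dataclass
from typing import Callable, List, Tuple

@dataclass(frozen=True)
class Event:                   # step 1: the detected event of interest
    kind: str                  # "open" or "modify" (assumed labels)
    path: str                  # step 2: the file associated with the event
    process: str               # application that triggered the event

@dataclass(frozen=True)
class Context:                 # step 3: contextual metadata (assumed fields)
    last_scan_clean: bool      # result of the previous security scan
    modified_since_scan: bool  # file changed after that scan
    app_is_portal: bool        # application brings outside content onto the host
    app_network_active: bool   # application generates network activity
    app_known_vulnerable: bool # application contains known vulnerabilities

Rule = Tuple[str, Callable[[Event, Context], bool], bool]  # name, criteria, scan?

# Step 4: constructed rules, evaluated in order; the first match decides.
RULES: List[Rule] = [
    ("risky-writer", lambda e, c: e.kind == "modify"
        and (c.app_is_portal or c.app_known_vulnerable), True),
    ("network-app-touch", lambda e, c: c.app_network_active
        and c.modified_since_scan, True),
    ("clean-and-unchanged", lambda e, c: c.last_scan_clean
        and not c.modified_since_scan, False),
    ("trusted-local-edit", lambda e, c: e.kind == "modify" and c.last_scan_clean
        and not (c.app_is_portal or c.app_network_active
                 or c.app_known_vulnerable), False),
]

def should_scan(event: Event, ctx: Context,
                rules: List[Rule] = RULES) -> Tuple[bool, str]:
    """Step 5: apply the rules; fall back to scanning when nothing matches."""
    for name, criteria, scan in rules:
        if criteria(event, ctx):
            return scan, name
    return True, "default-scan"

if __name__ == "__main__":
    # Constructed sample: a legitimate-looking extension written by a portal app.
    ev = Event("modify", "invoice.pdf", "browser.exe")
    print(should_scan(ev, Context(True, True, True, True, False)))
```

The decision never looks at the file extension, so a file with a legitimate-looking name is still scanned when the writing application is a portal or is known to be vulnerable.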

Description

Background technique

[0001] Performance is a constant concern for vendors of real-time security products such as real-time file scanning solutions. Traditional real-time file scanning solutions typically: 1) detect when a file has been opened or modified and then 2) determine whether the file has been compromised by scanning the file in question. While a single file scan may not unduly consume computing system resources, the number of file operations performed by current operating systems may require many more file scans, which in turn may result in significantly slower computing system performance and user annoyance.

[0002] While some security vendors have attempted to limit the performance impact of real-time file scanning solutions by skipping file scanning based on file extensions or based on whether the file is open or closed, such conventional approaches have limited effectiveness and reliability. For example, such methods may fail to identify malicious ...


Application Information

IPC(8): G06F17/30
CPC: G06F21/562, G06F21/564
Inventor: Spencer Smith, Haik Mesropian
Owner CA TECH INC