Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System and method for protecting a computer system from malicious software

a computer system and software technology, applied in the field of system and method for protecting a computer system from malicious software, can solve problems such as significant degradation of computer system performance, unauthorized disclosure, and lack of security against unwanted incursions into the main processing and non-volatile memory space of the computer

Active Publication Date: 2012-01-10
CIOFFI ALFONSO
View PDF102 Cites 63 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0023]Embodiments of the present invention achieve technical advantages as a system and method for protecting a computer system from malicious software attacks via a network connection.
[0024]It is an object of the present invention to provide a computer system capable of preventing malware programs from automatically corrupting critical user and system files.
[0025]It is another object of the present invention to confine any malware infection that may occur to a separate, protected part of the computer system.
[0026]It is another object of the present invention to provide a user with an easy and comprehensive method of removing the malware infection, even if the user's anti-malware software is incapable of detecting and / or removing the malware infection.
[0027]It is another object of the present invention to provide a user with an easy and comprehensive method of restoring critical system and user files that may have been corrupted by a malware infection.

Problems solved by technology

Although there are definite benefits to this open interconnection architecture, a lack of security against unwanted incursions into the computers main processing and non-volatile memory space has emerged as a significant problem.
In the least, these items represent a nuisance that interferes with the smooth operation of the computer system, and in the extreme, can lead to the unauthorized disclosure of confidential information stored on the computer system, significant degradation of computer system performance, or the complete collapse of computer system function.
Malware has recently become much more sophisticated and much more difficult for users to deal with.
In another example, some malware will run as a Windows program with a .dlls extension, which Windows may not allow a user to delete while it is executing.
Further, the malware is often designed to defeat the user's attempts to reset the browser settings to their original values.
While allowing programs to share resources has many benefits, there are resulting security related ramifications, particularly regarding malware programs.
Security problems include allowing the malware program: to capitalize CPU time, leaving other programs with little or no CPU time; to read, forge, write, delete or otherwise corrupt files created by other programs; to read, forge, write, delete or otherwise corrupt executable files of other programs, including the O / S itself; and to read and write memory locations used by other programs to thus corrupt execution of those programs.
However, the more complex the security mechanism is, the more options a malware practitioner has to bypass the security and to hack or corrupt other programs or the O / S itself, sometimes using these very features that allow sharing and communication between programs to do so.
Major vulnerabilities of existing computer systems lies in the architectures of the computer system and of the operating system itself.
The inherent problem with existing architectures is that resources, such as RAM, or a hard disk, are shared by programs simultaneously, giving a malware program a conduit to access and corrupt other programs, or the O / S itself through the shared resource.
Such anti-malware programs are limited because they can only detect known malware that has already been identified (usually after the malware has already attacked one or more computers).
Network firewalls are typically based on packet filtering, which is limited in principle, since the rules determining which packets to accept and which to reject may contain subjective decisions based on trusting known sites or known applications.
However, once security is breached for any reason (for example, due to a software or hardware error, a new piece of malware unrecognized by the anti-malware program or firewall, or an intended deception), a malicious application may take over the computer or server or possibly the entire network and create unlimited damages (directly or indirectly by opening the door to additional malicious applications).
Two problems arise from these methods.
In the first instance, a comprehensive scan, detect, and elimination of malware from desired incoming data streams could significantly slow or preclude the interactive nature of many applications such a gaming, messaging, and browsing.
Newly discovered malware leads to the development of additional screens, which lead to more malware, etc., thus creating an escalating cycle of measure, countermeasure.
The basic flaw is that all incoming executable data files must be resident on the computers main processor to perform their desired function.
Many of the aforementioned applications are also not effective against security holes, for example, in browsers or e-mail programs, or in the operating system itself.
Security holes in critical applications are discovered quite often, and just keeping up with all the patches is cumbersome.
Also, without proper generic protection against, for example, Trojan horses, even VPNs (Virtual Private Networks) and other forms of data encryption, including digital signatures, are not totally safe because information can be stolen before or below the encryption layer.
Even personal firewalls are typically limited, because once a program is allowed to access the Internet, there are often few limitations on what files may be accessed and transmitted back to a host.
A major problem faced by computer users connected to a network is that the network interface program (a browser, for example) is resident on the same processor as the O / S and other trusted programs, and shares space on a common memory storage medium.
When this happens, users are often faced with a lengthy process of restoring their computer systems to the correct configuration, and often important files are simply lost because no backup exists.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for protecting a computer system from malicious software
  • System and method for protecting a computer system from malicious software
  • System and method for protecting a computer system from malicious software

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048]The making and using of the presently preferred embodiments are discussed in detail below. It should be appreciated, however, that the present invention provides many applicable inventive concepts that can be embodied in a wide variety of specific contexts. The specific embodiments discussed are merely illustrative of specific ways to make and use the invention, and do not limit the scope of the invention.

[0049]A computer system, constructed in accordance with a preferred embodiment of the present invention, is illustrated in FIG. 1. Computer system 100 may represent, for example, a personal computer (PC) system, a server, a portable computer, such as a notebook computer, or any data processing system, a personal digital assistant (PDA), a communication device such as a cell phone, or device that is capable of being connected to a network of one or more computers. System 100 comprises a first processor 120 (P1) communicatively coupled to a first memory and data storage area 11...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

In a computer system, a first electronic data processor is communicatively coupled to a first memory space and a second memory space. A second electronic data processor is communicatively coupled the second memory space and to a network interface device. The second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device. A video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format. The computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.

Description

CROSS REFERENCE TO MULTIPLE REISSUE APPLICATIONS[0001]This application is a reissue application of U.S. Pat. No. 7,484,247, entitled “System and Method for Protecting a Computer System from Malicious Software,” issued on Jan. 29, 2009, and is related to a continuation application therefrom designated U.S. patent application Ser. No. 13 / 015,186 filed on Jan. 27, 2011, which are incorporated herein by reference. This application is also related to another reissue application designated U.S. patent application Ser. No. 12 / 720,147 from U.S. Pat. No. 7,484,247 filed on Mar. 9, 2010, and another reissue application designated U.S. patent application Ser. No. 12 / 720,207 from U.S. Pat. No. 7,484,247 filed on Mar. 9, 2010, which are incorporated herein by reference. This application is also related to another reissue application designated U.S. patent application Ser. No. 12 / 941,067 from U.S. Pat. No. 7,484,247 filed on Nov. 7, 2010, which is incorporated herein by reference.CROSS REFERENCE ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(United States)
IPC IPC(8): G06F11/00G06F12/14G06F12/16G08B23/00G06F15/173H04L29/06
CPCG06F21/53G06F21/568G06F21/57H04L63/02H04L63/1408
Inventor ROZMAN, ALLEN F.CIOFFI, ALFONSO J.
Owner CIOFFI ALFONSO
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products