| 发明名称 |
Malicious Mobile Code Runtime Monitoring System and Methods |
| 摘要 |
Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java TN applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides for monitoring information received, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information. An MPC embodiment further provides, within a Downloadable-destination, for initiating the Downloadable, enabling malicious Downloadable operation attempts to be received by the MPC, and causing (predetermined) corresponding operations to be executed in response to the attempts. |
| 申请公布号 |
US2016070907(A1) |
申请公布日期 |
2016.03.10 |
| 申请号 |
US201514941911 |
申请日期 |
2015.11.16 |
| 申请人 |
Finjan, Inc. |
发明人 |
Edery Yigal Mordechai;Vered Nimrod Itzhak;Kroll David R. |
| 分类号 |
G06F21/53;G06F21/56 |
主分类号 |
G06F21/53 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A processor-based method, comprising:
receiving, by a server, a file; detecting, by a code detector, whether the file includes one or more instances of executable code; generating, by a protection engine, mobile protection code when one or more instances of executable code is detected by the code detector; and receiving, by a linking engine, the generated mobile protection code and the file containing the one or more instance of executable code, and bundling, by the linking engine, the mobile protection code and the file into a sandboxed package, wherein the bundling does not alter the file. |
| 地址 |
East Palo Alto CA US |
