| 主权项 |
1. In a mobile communications device having a network interface for receiving and sending data, a memory and a microprocessor, and further having software components for processing, analyzing and storing data, including at least a known good component for identifying data that is recognizably safe, a known bad component for identifying data that is recognizably malicious, and a decision component for evaluating whether data is safe or malicious, a method comprising:
providing data on the mobile communications device; applying a hash function to the data to create a hash identifier for the data; and comparing by the known good component, the data hash identifier against a database of identifiers of known good data stored in the mobile communications device memory; if the comparison by the known good component results in a positive match, then allowing the data to be processed by the mobile communications device; if the comparison by the known good component does not result in a positive match, then comparing by the known bad component, the data hash identifier against a database of identifiers of known bad data stored in the mobile communications device memory; and if the comparison by the known bad component does not result in a positive match, then transmitting a signal from the mobile communications device to a server to indicate that an analysis of the data by a mobile communications device security component has not been able to characterize the data as recognizably safe or malicious. |
