Patent application number | Description | Published |
20100011029 | Malware detection - According to a first aspect of the present invention there is provided a method of detecting malware in a mobile telecommunications device | 01-14-2010 |
20100262584 | Disinfecting a file system - A method and apparatus for disinfecting an infected electronic file in a file system. A file system is scanned using an anti-virus application to identify the infected electronic file. Once the infected file has been identified, information identifying the infected electronic file is sent to a remote node, which queries a database storing a plurality commonly used electronic files to determine whether a clean version of the electronic file is stored at the database. If so, then all or part of the clean version of the infected electronic file is sent from the remote node, and used to replace all or part of the electronic file stored in the file system. | 10-14-2010 |
20110082838 | Computer security method and apparatus - A method of controlling a process on a computer system for backing-up files stored in a primary storage medium, to a secondary storage medium. The method comprises monitoring a file system implemented on the computer system in order to detect write operations made by the file system to said primary storage medium. Upon detection of a write operation, the integrity of a file being written is verified and/or changes in the file identified with respect to a version of the file currently stored in the primary storage medium and which is being replaced. In the event that the integrity of a file being written by the file system is compromised, and/or any identified changes in the file are suspicious, then the file is identified to the back-up process such that automatic back-up of the file is inhibited. | 04-07-2011 |
20110167275 | MALWARE DETECTION METHOD AND APPARATUS - According to a first aspect of the present invention there is provided a malware detection method implemented within a computer. The method includes, for a given electronic file, determining if the file is associated with a valid digital signature. If the file is associated with a valid digital signature, then verifying that the signature belongs to a trusted source. If the signature does belong to a trusted source then not performing a malware scan of said file, and if the signature cannot be verified as belonging to a trusted source then performing said scan. | 07-07-2011 |
20120117648 | Malware Determination - A method and apparatus for a determining whether an electronic file stored at a client device is malware. A server receives from the client device a request message that signature information of the electronic file. The server queries a database of signature information of a multiplicity of electronic files. If the signature information of the electronic file corresponds to signature information stored on the database, a determination is made as to whether the electronic file is malware. If the signature information of the electronic file does not correspond to signature information stored on the database, a determination is made as to whether a predetermined number of further request messages for the electronic file are received from further client devices within a predetermined time period. If fewer request messages are received within the time period, it is likely that the electronic file is malware. | 05-10-2012 |
20120151578 | Detecting a suspicious entity in a communication network - A method and apparatus for detecting a suspicious entity in a communication network. A receiving device receives a message from a sender. A processor obtains domain information or a user identity, and further contact information from data contained in the message. A reputation query message is sent to a Network Reputation Server (NRS), the reputation query message including the domain information or user identity. A reply is received from the NRS that indicates that the domain information or user identity is related to a suspicious entity. The receiving device then associates the contact information with the suspicious entity. In this way, if a user of the receiving device attempts to use the contact information, they can be prevented from doing this or informed that it relates to a suspicious entity. | 06-14-2012 |
20120173699 | Controlling access to web content - A method of controlling access to web content at a client computer. The method includes registering an access control status at the client computer, and detecting an attempt to access a website having an access control mechanism. In response to such detection, the access attempt is suspended and said access control status registered at the client computer compared with an access control status currently registered at the website. If these do not correspond, then the access control status registered at the website is changed to correspond with that registered at the client computer. | 07-05-2012 |
20120183130 | Managing Communications in a Communication Network - A method and apparatus for managing communications in a communication network. A telephony device determines that a software application is attempting to contact an E.164 number. It then determines that the E.164 number matches at least one predetermined criterion, such as the E.164 number being a premium rate number or having a different country code to that of the device. The device then sends a query to a reputation server. The query includes information identifying the software application. The device receives a response from the reputation server, the response including a reputation relating to the software application. On the basis of the received reputation relating to the software application, the device can take further action such as preventing contact from being established. | 07-19-2012 |
20120203904 | Controlling Internet Access Using DNS Root Server Reputation - A method of controlling internet access on a client computer. The method comprises identifying a DNS request generated on the client computer and which is addressed to a specific DNS root server, and sending an information request to a central server identifying said DNS root server. Then, at the central server, reputation information for said DNS root server is determined, and said reputation information is provided from the central server to the client computer. The reputation information is then used at the client computer to handle the DNS request or a response to that request. | 08-09-2012 |
20120210431 | Detecting a trojan horse - A method and apparatus for detected a Trojan in a suspicious software application in the form of at least one electronic file. A computer device determines the source from which the suspicious software application was obtained. A comparison is then made between the source from which the suspicious software application was obtained and a source from which an original, clean version of the software application was obtained. If the sources differ, then it is determined that the suspicious application is more likely to contain a Trojan horse than if the sources were the same. | 08-16-2012 |
20120210435 | Web content ratings - A method of performing a security check at a user computer on web page content downloaded to the user computer over the Internet. The method includes retrieving rating information for the web page from a web service over the Internet, the rating information including one or more content ratings and a first signature generated from the content, using a specified algorithm, at substantially the same time as the or each content rating was determined. The downloaded web page content is then processed using said specified algorithm to generate a second signature, and said first and second signatures are compared and the differences therebetween quantified. It is then determined if the quantified difference exceeds a threshold value. If not, then the received content rating(s) is(are) trusted. If yes, then the result is reported to said web service. | 08-16-2012 |
20130067576 | Restoration of file damage caused by malware - In accordance with an example embodiment of the present invention, there is provided a method including: detecting a malware in a computer system and in response to the detection of the malware in the computer system initiating a deactivation of malware; detecting a file altered by the malware in response to a successful deactivation of the malware; and initiating a restoration of the altered file in response to the detection of the file altered by the malware. | 03-14-2013 |
20130081129 | Outbound Connection Detection and Blocking at a Client Computer - A method of detecting and blocking a malicious SSL connection at a client computer. The method includes identifying, at a network firewall level, an outbound SSL connection being set up at the client computer; detecting an SSL certificate associated with the SSL connection; sending a request to a central server for reputation information on the SSL certificate; at the central server, determining reputation information in dependence upon the SSL certificate; providing said reputation information from the central server to the client computer; and using the reputation information at the client computer to determine whether or not to block the connection. | 03-28-2013 |
20130262706 | Data Syncronisation - The present invention relates to a method for synchronising files between devices between two devices. The method includes creating a rule to control the synchronisation of the file. The rule includes at least one condition for synchronisation which is dependent upon a property of a device. | 10-03-2013 |