Patent application number | Description | Published |
20100011029 | Malware detection - According to a first aspect of the present invention there is provided a method of detecting malware in a mobile telecommunications device | 01-14-2010 |
20100262584 | Disinfecting a file system - A method and apparatus for disinfecting an infected electronic file in a file system. A file system is scanned using an anti-virus application to identify the infected electronic file. Once the infected file has been identified, information identifying the infected electronic file is sent to a remote node, which queries a database storing a plurality commonly used electronic files to determine whether a clean version of the electronic file is stored at the database. If so, then all or part of the clean version of the infected electronic file is sent from the remote node, and used to replace all or part of the electronic file stored in the file system. | 10-14-2010 |
20110082838 | Computer security method and apparatus - A method of controlling a process on a computer system for backing-up files stored in a primary storage medium, to a secondary storage medium. The method comprises monitoring a file system implemented on the computer system in order to detect write operations made by the file system to said primary storage medium. Upon detection of a write operation, the integrity of a file being written is verified and/or changes in the file identified with respect to a version of the file currently stored in the primary storage medium and which is being replaced. In the event that the integrity of a file being written by the file system is compromised, and/or any identified changes in the file are suspicious, then the file is identified to the back-up process such that automatic back-up of the file is inhibited. | 04-07-2011 |
20110083186 | Malware detection by application monitoring - A method of detecting malware on a computer system. The method comprises monitoring the behaviour of trusted applications running on the computer system and, in the event that unexpected behaviour of an application is detected, identifying a file or files responsible for the unexpected behaviour and tagging the file(s) as malicious or suspicious. The unexpected behaviour of the application may comprise, for example, dropping executable files, performing modifications to a registry branch which is not a registry branch of the application, reading a file type class which is not a file type class of the application, writing portable executable (PE) files, and crashing and re-starting of the application. | 04-07-2011 |
20110084803 | Controlling location information - A method and apparatus for controlling location information at a computer device such as a mobile telephone. Location information is intercepted and obtained by, for example, intercepting it from an Application Programming Interface destined for a location application. The location application is identified, and a rule is determined for applying to the location information on the basis of the identified location application. The rule is applied to the location information to give amended location information, and the amended location information is then sent to the location application. | 04-14-2011 |
20120002839 | Malware image recognition - According to a first aspect of the present invention there is provided a method of detecting malware or other potentially unwanted programs. The method includes, at each of a plurality of client terminals, when it is determined that a program may be malware or a potentially unwanted program, generating image recognition data from displayed image data that includes image elements generated by the program, and sending the image recognition data to a central server. At the central server, storing the received image recognition data, and using the stored image recognition data to detect the presence of a malware or potentially unwanted program at the client terminals. | 01-05-2012 |
20120079584 | Authenticating A Node In A Communication Network - A method and apparatus for authenticating a first node's identity in a communication network. An authentication node receives from a second node an authentication request. The authentication request includes a first certificate that has previously been presented to the second node by a node purporting to be the first node. The authentication node retrieves a second certificate belonging to the first node from the first node, and compares the first certificate with the second certificate. If the certificates match, then the first node's identity can be authenticated but if the certificates do not match, then the first node's identity cannot be authenticated. The results of the comparison are then sent to the second node. | 03-29-2012 |
20120084865 | False Alarm Detection For Malware Scanning - A method of scanning files for malware on a computer system. The method includes receiving a file to be scanned in the system, and using at least one malware scanning engine to determine whether or not the file possesses properties that are indicative of malware. If it is determined that the file does possess properties that are indicative of malware, then at least one cleanliness scanning engine is used to determine whether or not the file possesses properties that are indicative of a clean file. If it is determined that the file possesses properties that are indicative of a clean file, then a false alarm is signalled. | 04-05-2012 |
20130067576 | Restoration of file damage caused by malware - In accordance with an example embodiment of the present invention, there is provided a method including: detecting a malware in a computer system and in response to the detection of the malware in the computer system initiating a deactivation of malware; detecting a file altered by the malware in response to a successful deactivation of the malware; and initiating a restoration of the altered file in response to the detection of the file altered by the malware. | 03-14-2013 |
20130081129 | Outbound Connection Detection and Blocking at a Client Computer - A method of detecting and blocking a malicious SSL connection at a client computer. The method includes identifying, at a network firewall level, an outbound SSL connection being set up at the client computer; detecting an SSL certificate associated with the SSL connection; sending a request to a central server for reputation information on the SSL certificate; at the central server, determining reputation information in dependence upon the SSL certificate; providing said reputation information from the central server to the client computer; and using the reputation information at the client computer to determine whether or not to block the connection. | 03-28-2013 |
20130262706 | Data Syncronisation - The present invention relates to a method for synchronising files between devices between two devices. The method includes creating a rule to control the synchronisation of the file. The rule includes at least one condition for synchronisation which is dependent upon a property of a device. | 10-03-2013 |