ATE506655T1 - Verfahren zur verhinderung einer installation von böswilliger software auf einem mit dem internet verbundenen computer - Google Patents

Verfahren zur verhinderung einer installation von böswilliger software auf einem mit dem internet verbundenen computer

Info

Publication number
ATE506655T1
ATE506655T1 AT07703940T AT07703940T ATE506655T1 AT E506655 T1 ATE506655 T1 AT E506655T1 AT 07703940 T AT07703940 T AT 07703940T AT 07703940 T AT07703940 T AT 07703940T AT E506655 T1 ATE506655 T1 AT E506655T1
Authority
AT
Austria
Prior art keywords
partition
memory
files
secure
designated
Prior art date
Application number
AT07703940T
Other languages
English (en)
Inventor
Edward Kelley
Franco Motika
Tijs Wilbrink
Original Assignee
Ibm
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm filed Critical Ibm
Application granted granted Critical
Publication of ATE506655T1 publication Critical patent/ATE506655T1/de

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Detection And Correction Of Errors (AREA)
  • Information Transfer Between Computers (AREA)
AT07703940T 2006-02-07 2007-01-17 Verfahren zur verhinderung einer installation von böswilliger software auf einem mit dem internet verbundenen computer ATE506655T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/307,429 US7845005B2 (en) 2006-02-07 2006-02-07 Method for preventing malicious software installation on an internet-connected computer
PCT/EP2007/050442 WO2007090719A2 (en) 2006-02-07 2007-01-17 Method for preventing malicious software installation on an internet-connected computer

Publications (1)

Publication Number Publication Date
ATE506655T1 true ATE506655T1 (de) 2011-05-15

Family

ID=38229567

Family Applications (1)

Application Number Title Priority Date Filing Date
AT07703940T ATE506655T1 (de) 2006-02-07 2007-01-17 Verfahren zur verhinderung einer installation von böswilliger software auf einem mit dem internet verbundenen computer

Country Status (9)

Country Link
US (1) US7845005B2 (de)
EP (1) EP1984864B1 (de)
JP (1) JP4750188B2 (de)
CN (1) CN101361077B (de)
AT (1) ATE506655T1 (de)
BR (1) BRPI0707531B1 (de)
CA (1) CA2640422C (de)
DE (1) DE602007014012D1 (de)
WO (1) WO2007090719A2 (de)

Families Citing this family (78)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7251752B2 (en) * 2001-10-01 2007-07-31 Adams Phillip M Computerized product improvement apparatus and method
EP1680724B1 (de) 2003-08-26 2019-05-08 Panasonic Intellectual Property Corporation of America Programmausführungseinrichtung
US8112601B2 (en) * 2004-08-09 2012-02-07 Jasim Saleh Al-Azzawi Data storage device with security feature
US20120099219A1 (en) * 2004-08-09 2012-04-26 Jasim Saleh Al-Azzawi Secure data storage device
US8869270B2 (en) 2008-03-26 2014-10-21 Cupp Computing As System and method for implementing content and network security inside a chip
US8381297B2 (en) 2005-12-13 2013-02-19 Yoggie Security Systems Ltd. System and method for providing network security to mobile devices
US20080276302A1 (en) 2005-12-13 2008-11-06 Yoggie Security Systems Ltd. System and Method for Providing Data and Device Security Between External and Host Devices
US8510596B1 (en) * 2006-02-09 2013-08-13 Virsec Systems, Inc. System and methods for run time detection and correction of memory corruption
FR2898704B1 (fr) * 2006-03-14 2008-06-06 Proton World Internatinal Nv Protection d'un programme contre un deroutement
US9158941B2 (en) 2006-03-16 2015-10-13 Arm Limited Managing access to content in a data processing apparatus
DE102006049646B3 (de) * 2006-10-20 2008-06-19 Siemens Ag Verfahren und Sendevorrichtung zum gesicherten Erstellen und Versenden einer elektronischen Nachricht sowie Verfahren und Empfangsvorrichtung zum gesicherten Empfangen und Verarbeiten einer elektronischen Nachricht
US7921453B2 (en) * 2006-12-22 2011-04-05 Intel Corporation Authenticated distributed detection and inference
US8127412B2 (en) * 2007-03-30 2012-03-06 Cisco Technology, Inc. Network context triggers for activating virtualized computer applications
US9607175B2 (en) * 2007-05-21 2017-03-28 International Business Machines Corporation Privacy safety manager system
US8533847B2 (en) * 2007-05-24 2013-09-10 Sandisk Il Ltd. Apparatus and method for screening new data without impacting download speed
US8365272B2 (en) 2007-05-30 2013-01-29 Yoggie Security Systems Ltd. System and method for providing network and computer firewall protection with dynamic address isolation to a device
CN101359356B (zh) * 2007-08-03 2010-08-25 联想(北京)有限公司 删除或隔离计算机病毒的方法及系统
KR20090043823A (ko) * 2007-10-30 2009-05-07 삼성전자주식회사 외부 공격을 감지할 수 있는 메모리 시스템
US8555380B2 (en) * 2008-02-28 2013-10-08 Intel Corporation Automatic modification of executable code
US8839431B2 (en) * 2008-05-12 2014-09-16 Enpulz, L.L.C. Network browser based virus detection
US9237166B2 (en) * 2008-05-13 2016-01-12 Rpx Corporation Internet search engine preventing virus exchange
TWI364686B (en) * 2008-05-15 2012-05-21 Lumous Technology Co Ltd Method for protecting computer file used in solid state disk array
US8468356B2 (en) * 2008-06-30 2013-06-18 Intel Corporation Software copy protection via protected execution of applications
US8631488B2 (en) 2008-08-04 2014-01-14 Cupp Computing As Systems and methods for providing security services during power management mode
WO2010037409A1 (en) * 2008-10-02 2010-04-08 Nec Europe Ltd. Storage system and method for securely accessing data
WO2010059864A1 (en) 2008-11-19 2010-05-27 Yoggie Security Systems Ltd. Systems and methods for providing real time access monitoring of a removable media device
US9086913B2 (en) * 2008-12-31 2015-07-21 Intel Corporation Processor extensions for execution of secure embedded containers
US9213348B2 (en) * 2009-01-16 2015-12-15 Broadcom Corporation Method and system for utilizing a broadband gateway for peer to peer communications
US9177145B2 (en) * 2009-03-24 2015-11-03 Sophos Limited Modified file tracking on virtual machines
US8566689B2 (en) * 2009-10-22 2013-10-22 Microsoft Corporation Data integrity units in nonvolatile memory
US9122558B2 (en) 2009-11-09 2015-09-01 Bank Of America Corporation Software updates using delta patching
US8972974B2 (en) 2009-11-09 2015-03-03 Bank Of America Corporation Multiple invocation points in software build task sequence
US9176898B2 (en) 2009-11-09 2015-11-03 Bank Of America Corporation Software stack building using logically protected region of computer-readable medium
US9128799B2 (en) 2009-11-09 2015-09-08 Bank Of America Corporation Programmatic creation of task sequences from manifests
US20110113226A1 (en) * 2009-11-09 2011-05-12 Bank Of America Corporation Distribution Of Software Updates
US8181176B2 (en) * 2010-06-21 2012-05-15 Intel Corporation Uniform storage device access using partial virtual machine executing within a secure enclave session
US8782435B1 (en) 2010-07-15 2014-07-15 The Research Foundation For The State University Of New York System and method for validating program execution at run-time using control flow signatures
US8776040B2 (en) 2011-08-19 2014-07-08 International Business Machines Corporation Protection for unauthorized firmware and software upgrades to consumer electronic devices
US8856771B2 (en) * 2011-08-19 2014-10-07 International Business Machines Corporation Protection for unauthorized firmware and software upgrades to consumer electronic devices
US10455071B2 (en) 2012-05-09 2019-10-22 Sprint Communications Company L.P. Self-identification of brand and branded firmware installation in a generic electronic device
US9973501B2 (en) 2012-10-09 2018-05-15 Cupp Computing As Transaction security systems and methods
US9268707B2 (en) 2012-12-29 2016-02-23 Intel Corporation Low overhead paged memory runtime protection
WO2015006375A1 (en) 2013-07-08 2015-01-15 Cupp Computing As Systems and methods for providing digital content marketplace security
JP6189157B2 (ja) * 2013-08-01 2017-08-30 株式会社コーラルネット 二世帯osパソコン
WO2015038944A1 (en) 2013-09-12 2015-03-19 Virsec Systems, Inc. Automated runtime detection of malware
US20150220927A1 (en) * 2013-09-25 2015-08-06 Ned M. Smith Method, apparatus and system for providing transaction indemnification
US9743271B2 (en) * 2013-10-23 2017-08-22 Sprint Communications Company L.P. Delivery of branding content and customizations to a mobile communication device
US10506398B2 (en) 2013-10-23 2019-12-10 Sprint Communications Company Lp. Implementation of remotely hosted branding content and customizations
US9762614B2 (en) 2014-02-13 2017-09-12 Cupp Computing As Systems and methods for providing network security using a secure digital device
US9681251B1 (en) 2014-03-31 2017-06-13 Sprint Communications Company L.P. Customization for preloaded applications
US10354074B2 (en) 2014-06-24 2019-07-16 Virsec Systems, Inc. System and methods for automated detection of input and output validation and resource management vulnerability
CN107077412B (zh) 2014-06-24 2022-04-08 弗塞克系统公司 单层或n层应用的自动化根本原因分析
GB201413836D0 (en) 2014-08-05 2014-09-17 Arm Ip Ltd Device security apparatus and methods
CN104298924B (zh) * 2014-09-28 2017-12-12 宇龙计算机通信科技(深圳)有限公司 确保系统安全的方法、确保系统安全的装置和终端
US9992326B1 (en) 2014-10-31 2018-06-05 Sprint Communications Company L.P. Out of the box experience (OOBE) country choice using Wi-Fi layer transmission
US9398462B1 (en) 2015-03-04 2016-07-19 Sprint Communications Company L.P. Network access tiered based on application launcher installation
GB2540961B (en) 2015-07-31 2019-09-18 Arm Ip Ltd Controlling configuration data storage
GB2540965B (en) * 2015-07-31 2019-01-30 Arm Ip Ltd Secure configuration data storage
US9578054B1 (en) * 2015-08-31 2017-02-21 Newman H-R Computer Design, LLC Hacking-resistant computer design
CN105516246B (zh) * 2015-11-25 2019-03-26 魅族科技(中国)有限公司 一种防应用程序下载劫持的方法及服务器
GB2545010B (en) * 2015-12-03 2018-01-03 Garrison Tech Ltd Secure boot device
US20170177863A1 (en) * 2015-12-16 2017-06-22 Wind River Systems, Inc. Device, System, and Method for Detecting Malicious Software in Unallocated Memory
KR101832594B1 (ko) * 2016-02-18 2018-02-26 라인 가부시키가이샤 중간 언어 파일의 로딩 속도 개선을 위한 방법 및 시스템
EP3472746B1 (de) 2016-06-16 2020-05-13 Virsec Systems, Inc. Systeme und verfahren zur behebung von speicherkorruption in einer computeranwendung
US10049214B2 (en) * 2016-09-13 2018-08-14 Symantec Corporation Systems and methods for detecting malicious processes on computing devices
US9913132B1 (en) 2016-09-14 2018-03-06 Sprint Communications Company L.P. System and method of mobile phone customization based on universal manifest
US10021240B1 (en) 2016-09-16 2018-07-10 Sprint Communications Company L.P. System and method of mobile phone customization based on universal manifest with feature override
CN106411917B (zh) * 2016-10-21 2019-10-11 宇龙计算机通信科技(深圳)有限公司 一种文件传输检测的方法及相关设备
JP7027664B2 (ja) * 2017-02-20 2022-03-02 パスガード インコーポレイテッド ハッキング耐性のあるコンピュータ設計
US10306433B1 (en) 2017-05-01 2019-05-28 Sprint Communications Company L.P. Mobile phone differentiated user set-up
KR101994138B1 (ko) * 2017-05-29 2019-07-01 한국전력공사 물리적인 망분리 환경의 자료 전달 시스템 및 그 방법
US10061923B1 (en) * 2017-06-26 2018-08-28 Pritam Nath Safe and secure internet or network connected computing machine providing means for processing, manipulating, receiving, transmitting and storing information free from hackers, hijackers, virus, malware etc.
US10505736B1 (en) * 2018-07-26 2019-12-10 Meixler Technologies, Inc. Remote cyber security validation system
US11824840B1 (en) 2019-02-04 2023-11-21 Meixler Technologies, Inc. System and method for web-browser based end-to-end encrypted messaging and for securely implementing cryptography using client-side scripting in a web browser
US12099747B2 (en) * 2020-12-22 2024-09-24 Red Hat, Inc. Managing write removal for solid-state drives
US11960625B2 (en) * 2021-05-06 2024-04-16 Jpmorgan Chase Bank, N.A. Systems and methods for protecting sensitive data in user online activities
US20230153094A1 (en) 2021-11-18 2023-05-18 Toyota Motor North America, Inc. Robust over the air reprogramming
US11907559B1 (en) * 2022-08-09 2024-02-20 Winbond Electronics Corporation Physically secure memory partitioning

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5359659A (en) * 1992-06-19 1994-10-25 Doren Rosenthal Method for securing software against corruption by computer viruses
EP0769170B1 (de) * 1994-06-01 1999-08-18 Quantum Leap Innovations Inc: Computervirenfalle
US5889951A (en) * 1996-05-13 1999-03-30 Viewpoint Corporation Systems, methods, and computer program products for accessing, leasing, relocating, constructing and modifying internet sites within a multi-dimensional virtual reality environment
GB9905056D0 (en) * 1999-03-05 1999-04-28 Hewlett Packard Co Computing apparatus & methods of operating computer apparatus
US6292874B1 (en) * 1999-10-19 2001-09-18 Advanced Technology Materials, Inc. Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges
DE10055118A1 (de) 2000-11-07 2001-04-26 Wolfgang A Halang Offenbarendes Verfahren zur Überwachung ausführbarer oder interpretierbarer Daten in digitalen Datenverarbeitungsanlagen mittels gerätetechnischer Einrichtungen
US6751679B1 (en) * 2000-11-16 2004-06-15 International Business Machines Corporation Means of control bit protection in a logical partition environment
US20020166059A1 (en) * 2001-05-01 2002-11-07 Rickey Albert E. Methods and apparatus for protecting against viruses on partitionable media
US7043634B2 (en) * 2001-05-15 2006-05-09 Mcafee, Inc. Detecting malicious alteration of stored computer files
US7392541B2 (en) * 2001-05-17 2008-06-24 Vir2Us, Inc. Computer system architecture and method providing operating-system independent virus-, hacker-, and cyber-terror-immune processing environments
US7036020B2 (en) * 2001-07-25 2006-04-25 Antique Books, Inc Methods and systems for promoting security in a computer system employing attached storage devices
DE10208442A1 (de) 2001-09-27 2003-05-15 Marc Delling Hochsicherheits-Server als Datenverarbeitungsanlage
US7272832B2 (en) * 2001-10-25 2007-09-18 Hewlett-Packard Development Company, L.P. Method of protecting user process data in a secure platform inaccessible to the operating system and other tasks on top of the secure platform
US7024555B2 (en) * 2001-11-01 2006-04-04 Intel Corporation Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment
JP3863447B2 (ja) * 2002-03-08 2006-12-27 インターナショナル・ビジネス・マシーンズ・コーポレーション 認証システム、ファームウェア装置、電気機器、及び認証方法
US7146640B2 (en) 2002-09-05 2006-12-05 Exobox Technologies Corp. Personal computer internet security system
US20040088697A1 (en) * 2002-10-31 2004-05-06 Schwartz Jeffrey D. Software loading system and method
JP2004171416A (ja) * 2002-11-21 2004-06-17 Ntt Docomo Inc 通信端末、価値実体提供サーバ、アプリケーション配信サーバ、電子購買支援システム、電子購買支援方法、及び電子購買支援プログラム
US7509644B2 (en) * 2003-03-04 2009-03-24 Secure 64 Software Corp. Operating system capable of supporting a customized execution environment
AU2003901454A0 (en) 2003-03-28 2003-04-10 Secure Systems Limited Security system and method for computer operating systems
US20050221766A1 (en) * 2004-03-31 2005-10-06 Brizek John P Method and apparatus to perform dynamic attestation
US20050268109A1 (en) * 2004-05-07 2005-12-01 Mcintosh Christopher P Object based communication network
AU2006243965A1 (en) * 2005-05-10 2006-11-16 Brent J. Angeline Internet operating system
US7685316B2 (en) * 2005-06-16 2010-03-23 Cisco Technology, Inc. System and method for coordinated network configuration

Also Published As

Publication number Publication date
EP1984864B1 (de) 2011-04-20
BRPI0707531A2 (pt) 2012-07-10
BRPI0707531B1 (pt) 2018-08-14
US7845005B2 (en) 2010-11-30
JP4750188B2 (ja) 2011-08-17
EP1984864A2 (de) 2008-10-29
WO2007090719A2 (en) 2007-08-16
CN101361077B (zh) 2012-01-18
JP2009526284A (ja) 2009-07-16
CN101361077A (zh) 2009-02-04
CA2640422A1 (en) 2007-08-16
US20070192854A1 (en) 2007-08-16
WO2007090719A3 (en) 2007-10-11
DE602007014012D1 (de) 2011-06-01
CA2640422C (en) 2015-12-01

Similar Documents

Publication Publication Date Title
ATE506655T1 (de) Verfahren zur verhinderung einer installation von böswilliger software auf einem mit dem internet verbundenen computer
US8990934B2 (en) Automated protection against computer exploits
JP6142027B2 (ja) ハイパーバイザ環境においてカーネルルートキットに対する保護を実行するシステムおよび方法
Hasabnis et al. Light-weight bounds checking
Younan et al. PAriCheck: an efficient pointer arithmetic checker for C programs
KR101378639B1 (ko) 프로세서 메인 메모리의 메모리 콘텐츠를 위한 보안 보호
US20200012787A1 (en) Method and system for detecting kernel corruption exploits
US10089498B2 (en) Memory integrity checking
Block et al. Windows memory forensics: Detecting (un) intentionally hidden injected code by examining page table entries
US10242194B2 (en) Method and apparatus for trusted execution of applications
Guri et al. JoKER: Trusted detection of kernel rootkits in android devices via JTAG interface
Maar et al. {SLUBStick}: Arbitrary Memory Writes through Practical Software {Cross-Cache} Attacks within the Linux Kernel
US7631292B2 (en) Code individualism and execution protection
CN101304320A (zh) 一种地址处理方法和装置
Tian et al. Kruiser: Semi-synchronized Non-blocking Concurrent Kernel Heap Buffer Overflow Monitoring.
Cheng et al. CATTmew: Defeating software-only physical kernel isolation
White et al. Integrity verification of user space code
CN106778257A (zh) 一种虚拟机防逃逸装置
Chen et al. Hyperhammer: Breaking free from kvm-enforced isolation
CN101309149A (zh) 一种地址处理方法和装置
Liu et al. Research on the technology of iOS jailbreak
Shen et al. Randezvous: Making randomization effective on MCUs
Srivastava et al. Detecting code injection by cross-validating stack and VAD information in windows physical memory
Hua et al. Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation
Zhang et al. Rowhammering storage devices

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties