Patents Assigned to Associated Technology
-
Patent number: 6654751Abstract: A virus information patrol (VIP) data collector is provided to monitor virus information repositories and to collect selected virus descriptor data into a VIP database in accordance with a VIP configuration data. The VIP configuration data may include various VIP criteria to determine which virus information repositories to patrol and which virus descriptor data to collect. The VIP configuration data may further include a VIP indicator of whether to include or exclude a particular repository or virus descriptor data that satisfies the various VIP criteria. The VIP configuration data may further include a VIP category that describes the type of virus descriptor data that satisfies the various VIP criteria.Type: GrantFiled: October 18, 2001Date of Patent: November 25, 2003Assignee: Networks Associates Technology, Inc.Inventors: Craig Schmugar, Vincent Gullotto
-
Patent number: 6636972Abstract: A system and method for building an executable script for performing a network security audit is described. A source program expressed in a network packet simulation language is stored. The same program includes a plurality of statements encoding logic to simulate an exchange of network protocol compliant-packets. Each statement is scanned into a sequence of individual tokens. Each token is parsed into grammatical phrases comprising at least one of an expression and a control construct. Each expression evaluates a data value. Each control construct defines a process flow. The grammatical phrases are compiled into program instructions to execute the logic on a target machine.Type: GrantFiled: October 12, 2001Date of Patent: October 21, 2003Assignee: Networks Associates Technology, Inc.Inventors: Thomas Henry Ptacek, Timothy Nakula Newsham, Oliver Friedrichs
-
Patent number: 6633835Abstract: A system, method and computer program product are provided for adaptive priority data filtering. Data is collected from a network segment and classified into multiple flows. The flows are prioritized into high and low priority flows. High priority flows are stored in a high priority queue prior to processing, while low priority flows are stored in a low priority queue prior to processing. An amount of data in the high priority flows is monitored. Buffers from the low priority queue are reallocated to the high priority queue if the amount of data in the high priority flows surpasses a predetermined threshold.Type: GrantFiled: January 11, 2002Date of Patent: October 14, 2003Assignee: Networks Associates Technology, Inc.Inventors: Mike Moran, Tauras Liubinskas, Jack Goral
-
Patent number: 6622150Abstract: A system and method for efficiently managing computer virus definitions using a structured virus database are described. One or more virus definition records are stored in a structured virus database. Each virus definition record includes an identifier uniquely identifying a computer virus, at least one virus name associated with the computer virus, a virus definition sentence including object code providing operations to detect the identified computer virus within a computer system, and a virus removal sentence including object code providing operations to clean the identified computer virus from the computer system. The virus definition records in the structured virus database are accessed indexed by the identifier and the at least one virus name for each virus definition record. The object code of the virus definition sentence and the virus removal sentence for each accessed virus definition record is interpreted.Type: GrantFiled: December 18, 2000Date of Patent: September 16, 2003Assignee: Networks Associates Technology, Inc.Inventors: Victor Kouznetsov, Andrei Ushakov
-
Patent number: 6615266Abstract: An Internet computer system with methods for dynamic filtering of hypertext tags and content is described. The system includes one or more Web clients, each operating a Web browser (e.g., Netscape Navigator or Microsoft Internet Explorer) with an Internet connection to one or more Web servers. Each client includes, interposed between its browser and communication layer, a Filter module of the present invention which traps and processes all communications between the browser and the communication layer. The Filter module, which implements client-side methodology at each individual Web client for dynamic filtering of hypertext tags and content, includes an output stream, a processing loop, a Filter method, and an input stream. During system operation, the Web browser generates multiple requests for retrieving content. More particularly, particular content is retrieved by a fetch or GET command (e.g., using HTTP protocol) transmitted to a target server from the client-side communication layer (e.g.Type: GrantFiled: July 18, 2000Date of Patent: September 2, 2003Assignee: Networks Associates Technology, Inc.Inventors: Gene Hoffman, Jr., Mark B. Elrod
-
Patent number: 6611925Abstract: A method and system for on-access virus scanning within an enterprise or in a workgroup, where all users are authenticated against a trusted certificate authority. The first time an item, such as an executable file or document, is accessed, it is scanned for viruses, worms, trojan horses, or other malicious code, and, after the item is determined to be free from threats or is corrected, a certificate noting this information is generated. At the same time a Globally Unique Identifier (“GUID”) is generated and appended to the item. The certificate contains various information, including the identity of the scanner that performed the virus check, as well as a means for determining if the original item has been altered since it was scanned, and is stored in a certificate database. The GUID is used as a pointer for locating the certificate. A subsequent user who accesses the item will detect the GUID and can use the GUID to locate the certificate for the item.Type: GrantFiled: June 13, 2000Date of Patent: August 26, 2003Assignee: Networks Associates Technology, Inc.Inventor: Paul Spear
-
Publication number: 20030157895Abstract: Aspects of the invention are found in an apparatus for monitoring data on a wireless network. The data is transmitted according to a wireless data network protocol across the network. The apparatus is contained on a portable wireless network analysis device. The portable wireless network analysis device has a wireless network interface that communicatively couples the portable wireless network analysis device to the wireless network. This allows the portable wireless network analysis device to receive data from the wireless network. The portable wireless network analysis device also has a network traffic analyzer. The network traffic analyzer is communicatively coupled to the wireless network interface. The analyzer receives and analyzes the data received from the wireless network. The portable wireless network analysis device is capable of being operated by user at one location and transported to second location.Type: ApplicationFiled: September 17, 2002Publication date: August 21, 2003Applicant: Networks Associates Technology, Inc.Inventors: Ajay Agrawal, Sriharsha Sathya, Yashovan Neelakantamurthy, Apurva Prakash, Raghavendra Malpani, Abhishek Saraswati, Suryaprashant Rao, Ashish Hate, Peter O. Schmitz
-
Patent number: 6608817Abstract: A method for analyzing a connection oriented multiplexing and switching network (COMSN), includes dividing a subsection of a COMSN network into a plurality of virtual channel characterization (VCC) layers, extracting frames from the subsection when the frames are available over a period of time in each of the plurality of VCC layers, and selectively displaying objects associated with the frames and the relationships between the objects.Type: GrantFiled: December 28, 1999Date of Patent: August 19, 2003Assignee: Networks Associates Technology, Inc.Inventor: Christopher Joseph Ivory
-
Patent number: 6604139Abstract: A system, method and computer program product are provided for filtering various voice protocols. A plurality of voice protocols is initially displayed. Next, an indication is received from a user as to the selection of the voice protocols. It is further determined as to a particular filtering mode that is currently operating. Next, the selected voice protocols are filtered in the determined filtering mode.Type: GrantFiled: December 14, 2001Date of Patent: August 5, 2003Assignee: Networks Associates Technology, Inc.Inventors: Anna Sajina, Kaiwang Zhang
-
Patent number: 6601091Abstract: A method for improving the performance and responsiveness of a computer program is presented. The system consists of a read-ahead mechanism that scans current data-sets and reads data-sets referenced within the current data-set prior to any actual request or access to the data set by the system. The determination of which data sets to access is made based upon a prioritization computed either through user defined settings or through heuristic observation of the system's behavior. The present invention has particular value in connection with Internet communications and access to remote data.Type: GrantFiled: March 28, 1996Date of Patent: July 29, 2003Assignee: Networks Associates Technology, Inc.Inventor: Michael L. Spilo
-
Publication number: 20030140137Abstract: A system and associated method and computer program product are provided for analyzing a network. Included is a plurality of agents coupled to a plurality of computers interconnected via a network. Each agent is adapted to collect information relating to at least one of the computers. Further provided is a plurality of host controllers coupled to the agents for collecting the information from the agents. Still yet, a plurality of zone controllers is coupled to the host controllers for collecting the information from the host controllers.Type: ApplicationFiled: December 21, 2001Publication date: July 24, 2003Applicant: Networks Associates Technology, IncInventors: Herbert V. Joiner, Ken W. Elwell
-
Publication number: 20030135756Abstract: The invention is directed to a method and apparatus for preventing software piracy. A license enforcement server may be integrated with an operating system running on a network-critical machine. As such, other computational devices connected to the network may obtain permission to perform licensed activities. These computational devices may have an instruction set for communicating with the license enforcement server. Further, the license enforcement server may communicate with a licensing organization. The license enforcement server may utilize a namespace tree to organize licenses and uniquely identify licensed activities. In this manner, a universal license enforcement system may be achieved in which disabling of the license enforcement mechanisms would adversely effect a network.Type: ApplicationFiled: January 14, 2002Publication date: July 17, 2003Applicant: Networks Associates Technology, Inc.Inventor: Ravi Verma
-
Patent number: 6594686Abstract: The invention provides for on-access scanning of archives, such as “ZIP” files, for files containing viruses or other unwanted characteristics. In particular, disclosed are various techniques for beginning a scanning operation, and then monitoring the scanning operation to determine whether it is completing in a reasonable time. If the scanning operation is taking place within a terminal server type of environment, such as the Microsoft Terminal Server, where an application program is run in a virtual execution environment, then provision is made to identify client connections to the server so that error messages (such as denying file access due to a virus) can be presented to a terminal server client's terminal, rather than at the terminal server console.Type: GrantFiled: March 2, 2000Date of Patent: July 15, 2003Assignee: Network Associates Technology, Inc.Inventors: Jonathan Edwards, Edmund White
-
Patent number: 6587888Abstract: The present invention is directed at the implementation of a dynamic wrapper for discovery of non-exported functions and subsequent method interception. A practical usage of dynamic wrappers is for security software packages to augment access controls applied to the wrapped modules. The invention permits interception of distributed component object model (DCOM) client initiated method calls at a DCOM server during runtime. The interceptor of the method call denies or grants access to the DCOM method to be executed. The actual logic to determine access permissions need not be part of the interceptor. The interceptor runs as part of the DCOM server. It contains logic to distinguish at runtime the identity of the principal associated with the DCOM client requesting the execution of the function call. The technique works with commercial-off-the-shelf (COTS) software and does not require modification of the application source code.Type: GrantFiled: December 15, 1999Date of Patent: July 1, 2003Assignee: Networks Associates Technology, Inc.Inventors: David Pai-wei Chieu, Dennis Hollingworth
-
Patent number: 6584504Abstract: A computer program product enables a computer device to implement a method of monitoring Web page traffic. The multi-step method begins by automatically sending a first ping at a first time to a first Internet address associated with a first Web page. A first response time for the first ping is measured to determine a first level of Internet traffic on the first Web page. Using the first response time, a first value is assigned to a perceptible characteristic of a first graphical object, which is then displayed on a display device associated with the computer device. Next, a second ping is automatically sent to the first Internet address at a second time. The second response time to the second ping is measured to determine a second level of Internet traffic on the first Web page. Based on the second response time a second value is assigned to the perceptible characteristic of the first graphical object, which is then redisplayed on the display device.Type: GrantFiled: May 26, 2000Date of Patent: June 24, 2003Assignee: Networks Associates Technology, Inc.Inventor: Kerry M. Choe
-
Patent number: 6584508Abstract: A system and method for increasing the security of a data guard is disclosed. The data guard is based on a multi-part proxy that includes a first proxy agent that communicates with an inside computer network region, a second proxy agent that communicates with an outside computer network region, and a content-based filter application that reviews information that is passed between the first proxy agent and the second proxy agent. Both the first and second proxy agents can be based on existing firewall proxies. The proxy agents listen for protocol operations (e.g., IIOP requests or replies) and translate those protocol operations into protocol-independent data. The protocol independent data is then analyzed by a protocol-independent content-based filter. The behavior of the multi-part proxy can be further constrained through the use of software wrapper technology.Type: GrantFiled: December 30, 1999Date of Patent: June 24, 2003Assignee: Networks Associates Technology, Inc.Inventors: Jeremy Epstein, Linda Thomas
-
Patent number: 6546493Abstract: A system, method and computer program product are provided for scanning a source of suspicious network communications. Initially, network communications are monitored for violations of policies. Then, it is determined whether the network communications violate at least one of the policies. Further, a source of the network communications that violate at least one of the policies is identified. Upon it being determined that the network communications violate at least one of the policies, the source of the network communications is automatically scanned.Type: GrantFiled: November 30, 2001Date of Patent: April 8, 2003Assignee: Networks Associates Technology, Inc.Inventors: James S. Magdych, Tarik Rahmanovic, John R. McDonald, Brock E. Tellier
-
Patent number: 6542943Abstract: A system and method update client computers of various end users with software updates for software products installed on the client computers, the software products manufacturered by diverse, unrelated software vendors. The system includes a service provider computer system, a number of client computers and software vendor computer systems communicating on a common network. The service provider computer system stores in an update database information about the software updates of the diverse software vendors, identifying the software products for which software updates are available, their location on the network at the various software vendor computer systems, information for identifying in the client computers the software products stored thereon, and information for determining for such products, which have software updates available. Users of the client computers connect to the service provider computer and obtain a current version of portions of the database.Type: GrantFiled: April 17, 2002Date of Patent: April 1, 2003Assignee: Networks Associates Technology, Inc.Inventors: William Cheng, Kenneth Hwang, Ravi Kannan, Babu Katchapalayam, Bing Liu, Balaji Narasimhan, Gopal Ramanujam, Jonathan Tran
-
Method system and computer program product for distributed internet information search and retrieval
Patent number: 6523023Abstract: A method for searching the Internet is provided that includes generating search criteria for an Internet search utilizing a first search agent that is resident on a first computer, distributing search tasks related to the Internet search to other search agents that are resident on their computers, utilizing the other search agents to perform the distributed search tasks, and then reporting the results of each search task back to the first search agent. In a preferred embodiment, the other search agents also retrieve the results of their distributed search tasks, so that the search results may be more easily accessed by the person that initiated the search. In an embodiment, the computers that host the search agents have connections to a common intranet and the search tasks are distributed only to search agents that have been identified as being available to support Internet searching.Type: GrantFiled: September 22, 1999Date of Patent: February 18, 2003Assignee: Networks Associates Technology, Inc.Inventor: Glen Sonnenberg -
Patent number: 6513122Abstract: A system, method and computer program product are provided for detecting attacks on a network. Initially, data is received from a remote source which is destined for a target. A portion of such data is then discarded based on a predetermined set of rules utilizing a firewall which is coupled to the remote source. Remaining data is subsequently passed to an intrusion detection system coupled between the firewall and the target. Such data is parsed to identify data representing text (i.e. ASCII or UNICODE text) therein utilizing the intrusion detection system. Thereafter, the data representing text- is compared to a predetermined list of data representing text-associated with attacks utilizing the intrusion detection system. Based on the comparison, some of the data representing text are marked as hostile. The data representing text-that are marked as hostile are then acted upon in order to prevent an attack.Type: GrantFiled: June 29, 2001Date of Patent: January 28, 2003Assignee: Networks Associates Technology, Inc.Inventors: James S. Magdych, Tarik Rahmanovic, John R. McDonald, Brock E. Tellier, Anthony C. Osborne, Nishad P. Herath