Abstract: A method and apparatus optimizes the protection of computing networks. This protection utilizes attenuated (weakened) strains of live, replicating, malicious code such as viruses and worms, analogous to the development of live, attenuated, human vaccines in the medical field. In a preferred embodiment, this is achieved by (1) attenuating a malicious program, e.g. a virus or worm, or software vulnerability by limiting its virulence, i.e., limiting its damage and resource usage, (2) modifying the virus to confer immunity on the network that it infects, e.g., automatically patching a vulnerability, or marking the infected host as immune to further infection, (3) releasing the newly attenuated virus into the network, (4) tracking the attenuated virus and its success rate (e.g., rate and ratio of successfully patched to un-patched vulnerable hosts), and (5) limiting the spread of the virus vaccine, e.g.

Abstract: The invention optimizes the security of data communication on wireless local area networks (WLANs). This invention uses radio frequency (RF) radiation sensors (sensors) on the physical perimeter of a campus, or between nodes in a wireless mesh network, to detect signal bleed outside of an acceptable geographic range. In a preferred embodiment, this is achieved by (1) setting the acceptable signal strength (“bleed”) to be allowed at the perimeter, (2) sensing the RF signal strength at the perimeter sensors, (3) providing feedback from the sensors to the central radiation source controller (controller), (4) adjusting the central radiation source signal strength upwards or downwards based on acceptable ranges, (5) repeating this procedure in real time to provide constant optimization.

Abstract: A system for optimizing the security of embedded, mobile devices such as personal data assistants and Smartphones by controlling the permission level between the upper, user-mode layer and the lower, protected kernel layer.

Abstract: A system for optimizing the security of embedded, mobile devices such as personal data assistants and Smartphones by protecting against soft and hard reset code attacks. In a preferred embodiment, this is achieved by 1. Scanning the active memory for evidence of “hard reset attack” code. 2. Scanning the filesystem for evidence of “hard reset attack” code. 3. Scanning the active memory for evidence of “soft reset attack” code. 4. Scanning the filesystem for evidence of “soft reset attack” code. 5. Automatically blocking and cleaning the reset code, based on user preference. 6. Providing optional user control over which programs are allowed to write to the startup folder.

Abstract: A method and apparatus optimizes the protection of computing networks. This protection utilizes attenuated (weakened) strains of live, replicating, malicious code such as viruses and worms, analogous to the development of live, attenuated, human vaccines in the medical field. In a preferred embodiment, this is achieved by (1) attenuating a malicious program, e.g. a virus or worm, or software vulnerability by limiting its virulence, i.e., limiting its damage and resource usage, (2) modifying the virus to confer immunity on the network that it infects, e.g., automatically patching a vulnerability, or marking the infected host as immune to further infection, (3) releasing the newly attenuated virus into the network, (4) tracking the attenuated virus and its success rate (e.g., rate and ratio of successfully patched to un-patched vulnerable hosts), and (5) limiting the spread of the virus vaccine, e.g.

Abstract: A system for optimizing the security of data communication on wireless mesh networks invention uses existing mesh network nodes to control new nodes that attempt to join the network. In a preferred embodiment, this is achieved by (1) testing that a new node is “clean” before allowing it to join the wireless mesh network by scanning the new node for viruses, checking for security patches, etc., (2) quarantining an “infected” node from joining the wireless mesh network until it is cleaned, (3) signaling other nodes in the existing mesh network that a node is either “infected” or “clean”, (4) cleaning a new node by supplying it with antivirus software, vendor patches, etc. from nearby nodes in the existing wireless mesh network, (5) updating the wireless mesh network in real time with a list of clean and infected nodes, and (6) performing the above steps without the need for a central, controlling server.

Abstract: The present invention provides a method and apparatus for increasing the efficiency at which computer viruses and corrupted files are detected on computer operating systems that support multitasking. The flexibility of the system allows data processing systems to reduce scanning time by utilizing multitasking to perform virus scans in parallel, subject to the amount of available memory and the number of simultaneous tasks that are available to be used by the parallel processes.

Abstract: The invention optimizes the security of data communication on wireless local area networks (WLANs). This invention uses radio frequency (RF) radiation sensors (sensors) on the physical perimeter of a campus, or between nodes in a wireless mesh network, to detect signal bleed outside of an acceptable geographic range. In a preferred embodiment, this is achieved by (1) setting the acceptable signal strength (“bleed”) to be allowed at the perimeter, (2) sensing the RF signal strength at the perimeter sensors, (3) providing feedback from the sensors to the central radiation source controller (controller), (4) adjusting the central radiation source signal strength upwards or downwards based on acceptable ranges, (5) repeating this procedure in real time to provide constant optimization.

Abstract: The present invention provides a method and apparatus for increasing the security of data processing devices that use embedded operating systems (embedded devices). This invention utilizes an “embedded firewall” that improves security of the device by selectively filtering communication directly on the embedded device itself, rather than relying on an external firewall.

Abstract: The present invention provides a method and apparatus for increasing the efficiency at which computer viruses and corrupted files are detected on computer operating systems that support multitasking. The flexibility of the system allows data processing systems to reduce scanning time by utilizing multitasking to perform virus scans in parallel, subject to the amount of available memory and the number of simultaneous tasks that are available to be used by the parallel processes.