Abstract: Inbound and outbound traffic on a computer system are intercepted and compared to determine if the presence of malicious code is indicated. Outbound traffic that is sufficiently similar to recently received inbound traffic is indicative of the presence of malicious code. In some embodiments, if the presence of malicious code is indicated, the user, as well as other individuals or systems, are notified of the detection. In some embodiments, if desired, protective actions are initiated to hinder or block the propagation of the malicious code from the host computer system to other computer systems, as well as to remove or inactivate the malicious code on the host computer system.
Abstract: A method and computer executable program code are disclosed for performing one or more maintenance tasks on a remotely located computer connected to a server computer via a data network.
Abstract: A system, method, and computer program product for identifying malware components on a computer, including detecting an attempt to create or modify an executable file or an attempt to write to a system registry; logging the attempt as an auditable event; performing a malware check on executable files of the computer; if malware is detected on the computer, identifying all other files created or modified during the auditable event, and all other processes related to the auditable event; terminating the processes related to the auditable event; deleting or quarantining the executable files created or modified during the auditable event; and if the deleted executable files include any system files, restoring the system files from a trusted backup. Optionally, all files and processes having a parent-child relationship to a known malware component or known infected file are identified. A log of auditable events is maintained, and is recoverable after system reboot.
Abstract: The security risk associated with a computer system may be quantified by identifying a computer system, identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system, determining a likelihood that the event associated with the risk will occur, determining a cost associated with the event occurring on the computer system, and quantifying the risk into an impact value by using the likelihood and the cost.
Abstract: A system uses automatic feedback and control to secure a network infrastructure by iterative convergence of the network's security structure to meet a security policy. Following initialization, a security feedback control system of the security management system makes dynamic adjustments to the system using bi-directional services that are controlled via policy decision components, without user intervention.
Abstract: A system provides for tracking the behavior of television viewers and Internet browsers while protecting the privacy of the user. The level of privacy is under control of the user. In one embodiment, an arbitrary anonymous identifier is assigned to the user. The selection of a new arbitrary anonymous identifier is under the control of the user. In a second embodiment, a private anonymous identifier is based on a user entered password. The user history data is stored on a history server using the private anonymous identifier. An authentication server is provided to validate the private anonymous identifier before transferring the user history data to the history server.
Abstract: Parental controls for entertainment digital media are provided that allow a parent to restrict multiple user's access to entertainment content. One or more updatable rating definition files with dynamic data are used to define rating levels and content descriptors for a regional rating system. Entertainment content definition files define the rating level and content descriptors for entertainment content. User permission settings define a particular user's access rating level and content descriptors. The rating definition file can be used to compare the entertainment content definition file and user permission settings in determining if a user is allowed access to particular entertainment content.
Type:
Grant
Filed:
October 10, 2003
Date of Patent:
December 30, 2008
Assignee:
Microsoft Corporation
Inventors:
C. Shane Evans, Kareem A. Choudhry, Roderick M. Toll, Jonathan D. Hildebrandt
Abstract: A service provider makes requests to an information processing center for processing for an IC card in card command units. The information processing center issues encrypted card commands that can be interpreted by the IC card itself based on requests received from the service provider and sends these to the IC card via the computer network, client, and card reader/writer device. This enables an IC card connected to a client to be accessed using secure communication.
Abstract: An automatic performance data editing and reproducing apparatus which can achieve harmony between a copyright holder of automatic performance data and users thereof. At least part of a plurality of pieces of part performance data stored in a storage device that stores automatic performance data comprising a plurality of pieces of part performance data and stores identifiers indicative of whether the part performance data is data of which reproduction is to be limited as attachment to at least part of the plurality of pieces of part performance data is read out and edited. The automatic performance data including the edited part performance data is reproduced.
Abstract: With content management apparatus 110 serving as a copy origin and storage medium 120 as a copy target, the copy origin retains allowed copy count control information on content, and when the content is copied from the copy origin to the copy target, the allowed copy count control information retained at the copy origin before copy processing is updated in accordance with a predetermined rule to generate allowed copy count control information to be retained at the copy origin and allowed copy count control information to be retained at the copy target, and subsequent copy processing at the copy origin is done based on the allowed copy count control information retained at the copy origin, whereas subsequent copy processing on the content stored in storage medium 120 is done based on the allowed copy count control information stored in storage medium 120. In this way, it is possible to achieve content management which is easily understandable for users.