WO2001077794A3 - System and method for real time monitoring and control of a computer machine environment and configuration profile - Google Patents

System and method for real time monitoring and control of a computer machine environment and configuration profile Download PDF

Info

Publication number
WO2001077794A3
WO2001077794A3 PCT/US2001/011432 US0111432W WO0177794A3 WO 2001077794 A3 WO2001077794 A3 WO 2001077794A3 US 0111432 W US0111432 W US 0111432W WO 0177794 A3 WO0177794 A3 WO 0177794A3
Authority
WO
WIPO (PCT)
Prior art keywords
computer unit
real time
control
time monitoring
configuration profile
Prior art date
Application number
PCT/US2001/011432
Other languages
French (fr)
Other versions
WO2001077794A2 (en
Inventor
Robert F Terry
Original Assignee
Granite Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Granite Technologies Inc filed Critical Granite Technologies Inc
Priority to AU2001249938A priority Critical patent/AU2001249938A1/en
Publication of WO2001077794A2 publication Critical patent/WO2001077794A2/en
Priority to TW91106841A priority patent/TW574645B/en
Publication of WO2001077794A3 publication Critical patent/WO2001077794A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

A method detects states that are activated by a computer unit includes: (a) checking a set of values in a memory area of the computer unit or in a proprietary file within stored within the computer unit, with each set of values correspond to a state activated by the computer unit; and (b) capturing each set of values to determine each state activated by the computer unit. Each state corresponds to a particular activity initiated in the computer unit.
PCT/US2001/011432 2000-04-06 2001-04-06 System and method for real time monitoring and control of a computer machine environment and configuration profile WO2001077794A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2001249938A AU2001249938A1 (en) 2000-04-06 2001-04-06 System and method for real time monitoring and control of a computer machine environment and configuration profile
TW91106841A TW574645B (en) 2001-04-06 2002-04-04 System and method for real time monitoring and control of a computer machine environment and configuration profile

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US19489500P 2000-04-06 2000-04-06
US60/194,895 2000-04-06

Publications (2)

Publication Number Publication Date
WO2001077794A2 WO2001077794A2 (en) 2001-10-18
WO2001077794A3 true WO2001077794A3 (en) 2002-10-17

Family

ID=22719297

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/US2001/011432 WO2001077794A2 (en) 2000-04-06 2001-04-06 System and method for real time monitoring and control of a computer machine environment and configuration profile
PCT/US2001/011180 WO2001077833A2 (en) 2000-04-06 2001-04-06 System and method for real time monitoring and control of networked computers

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/US2001/011180 WO2001077833A2 (en) 2000-04-06 2001-04-06 System and method for real time monitoring and control of networked computers

Country Status (3)

Country Link
US (1) US20020026605A1 (en)
AU (2) AU2001249938A1 (en)
WO (2) WO2001077794A2 (en)

Families Citing this family (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002001410A1 (en) 2000-06-26 2002-01-03 International Business Machines Corporation Data management application programming interface for a parallel file system
US6832346B2 (en) * 2001-04-13 2004-12-14 Lockheed Martin Corporation System and method for managing and communicating state changes of a complex system
US7657935B2 (en) 2001-08-16 2010-02-02 The Trustees Of Columbia University In The City Of New York System and methods for detecting malicious email transmission
US9306966B2 (en) 2001-12-14 2016-04-05 The Trustees Of Columbia University In The City Of New York Methods of unsupervised anomaly detection using a geometric framework
US7225343B1 (en) 2002-01-25 2007-05-29 The Trustees Of Columbia University In The City Of New York System and methods for adaptive model generation for detecting intrusions in computer systems
GB0205951D0 (en) * 2002-03-14 2002-04-24 Ibm Methods apparatus and computer programs for monitoring and management of integrated data processing systems
US7149800B2 (en) * 2002-05-29 2006-12-12 Seventh Knight Auditing computer systems components in a network
US8806617B1 (en) * 2002-10-14 2014-08-12 Cimcor, Inc. System and method for maintaining server data integrity
US7318163B2 (en) 2003-01-07 2008-01-08 International Business Machines Corporation System and method for real-time detection of computer system files intrusion
US7139906B2 (en) * 2003-06-19 2006-11-21 International Business Machines Corporation Starting point configuration determination for complex configurable systems
US20040187029A1 (en) * 2003-03-21 2004-09-23 Ting David M. T. System and method for data and request filtering
CN100416510C (en) * 2003-09-09 2008-09-03 宏碁股份有限公司 Host computer real-time monitoring apparatus and method
US7356703B2 (en) * 2003-09-16 2008-04-08 At&T Delaware Intellectual Property, Inc. Time-based computer access controls
US20050066290A1 (en) * 2003-09-16 2005-03-24 Chebolu Anil Kumar Pop-up capture
US8108902B2 (en) * 2004-04-30 2012-01-31 Microsoft Corporation System and method for local machine zone lockdown with relation to a network browser
US7752671B2 (en) * 2004-10-04 2010-07-06 Promisec Ltd. Method and device for questioning a plurality of computerized devices
US8104086B1 (en) * 2005-03-03 2012-01-24 Symantec Corporation Heuristically detecting spyware/adware registry activity
US20060265272A1 (en) * 2005-05-17 2006-11-23 Bosa Patrick A System and methods for re-evaluating historical service conditions after correcting or exempting causal events
JP4725955B2 (en) * 2005-06-30 2011-07-13 株式会社リコー Information processing apparatus, message management method, program, and storage medium
WO2007022454A2 (en) 2005-08-18 2007-02-22 The Trustees Of Columbia University In The City Of New York Systems, methods, and media protecting a digital data processing device from attack
US8458789B1 (en) * 2006-03-09 2013-06-04 Mcafee, Inc. System, method and computer program product for identifying unwanted code associated with network communications
US7575163B2 (en) 2006-07-18 2009-08-18 At&T Intellectual Property I, L.P. Interactive management of storefront purchases
US7673175B2 (en) 2006-08-31 2010-03-02 International Business Machines Corporation Computer configuration tracking system able to restore a previous configuration
WO2008055156A2 (en) 2006-10-30 2008-05-08 The Trustees Of Columbia University In The City Of New York Methods, media, and systems for detecting an anomalous sequence of function calls
US8352562B2 (en) * 2009-07-29 2013-01-08 Sap Ag Event notifications of program landscape alterations
KR101104165B1 (en) * 2009-11-26 2012-01-13 애니포인트 미디어 그룹 Media playback apparatus capable of testing user application and method for testing user application using the same
JP2014526751A (en) 2011-09-15 2014-10-06 ザ・トラスティーズ・オブ・コロンビア・ユニバーシティ・イン・ザ・シティ・オブ・ニューヨーク System, method, and non-transitory computer readable medium for detecting return oriented programming payload
JP5863689B2 (en) * 2013-02-28 2016-02-17 京セラドキュメントソリューションズ株式会社 Shared library with unauthorized use prevention function
US11669599B2 (en) * 2018-11-26 2023-06-06 Servicenow, Inc. Systems and methods for software license management
CN111258847B (en) * 2020-01-13 2023-08-22 北京字节跳动网络技术有限公司 File handle monitoring and analyzing method, device, medium and equipment

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5475839A (en) * 1990-03-28 1995-12-12 National Semiconductor Corporation Method and structure for securing access to a computer system
US5809230A (en) * 1996-01-16 1998-09-15 Mclellan Software International, Llc System and method for controlling access to personal computer system resources
WO1998045778A2 (en) * 1997-04-08 1998-10-15 Marc Zuta Antivirus system and method
WO1999031577A2 (en) * 1997-12-18 1999-06-24 Support.Com, Inc. Automatic configuration generation
US5919258A (en) * 1996-02-08 1999-07-06 Hitachi, Ltd. Security system and method for computers connected to network
WO1999036848A1 (en) * 1998-01-20 1999-07-22 Examsoft Worldwide, Inc. Secure exam method
WO2000007099A1 (en) * 1998-07-31 2000-02-10 Westinghouse Electric Company Llc Change monitoring system for a computer system
WO2000023867A2 (en) * 1998-10-22 2000-04-27 Evolutionary Vision Technology, Inc. Windows frame, dialog box, keyboard, device access and user environment real time asc file signal tracking and control system based upon user activity
WO2000075782A1 (en) * 1999-06-02 2000-12-14 Nicholas Peter Carter Security system

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1286010C (en) * 1994-04-05 2006-11-22 英特尔公司 Method and device for monitoring and controlling program in network
US5491791A (en) * 1995-01-13 1996-02-13 International Business Machines Corporation System and method for remote workstation monitoring within a distributed computing environment
US6047312A (en) * 1995-07-07 2000-04-04 Novell, Inc. System for replicating and associating file types with application programs among plurality of partitions in a server
US6035423A (en) * 1997-12-31 2000-03-07 Network Associates, Inc. Method and system for providing automated updating and upgrading of antivirus applications using a computer network
US6591377B1 (en) * 1999-11-24 2003-07-08 Unisys Corporation Method for comparing system states at different points in time
US6785818B1 (en) * 2000-01-14 2004-08-31 Symantec Corporation Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks
US6560776B1 (en) * 2000-02-18 2003-05-06 Avaya Technology Corp. Software installation verification tool

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5475839A (en) * 1990-03-28 1995-12-12 National Semiconductor Corporation Method and structure for securing access to a computer system
US5809230A (en) * 1996-01-16 1998-09-15 Mclellan Software International, Llc System and method for controlling access to personal computer system resources
US5919258A (en) * 1996-02-08 1999-07-06 Hitachi, Ltd. Security system and method for computers connected to network
WO1998045778A2 (en) * 1997-04-08 1998-10-15 Marc Zuta Antivirus system and method
WO1999031577A2 (en) * 1997-12-18 1999-06-24 Support.Com, Inc. Automatic configuration generation
WO1999036848A1 (en) * 1998-01-20 1999-07-22 Examsoft Worldwide, Inc. Secure exam method
WO2000007099A1 (en) * 1998-07-31 2000-02-10 Westinghouse Electric Company Llc Change monitoring system for a computer system
WO2000023867A2 (en) * 1998-10-22 2000-04-27 Evolutionary Vision Technology, Inc. Windows frame, dialog box, keyboard, device access and user environment real time asc file signal tracking and control system based upon user activity
WO2000075782A1 (en) * 1999-06-02 2000-12-14 Nicholas Peter Carter Security system

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"Getting to Know Windows 95 with Regmon", WINDOWS PROFESSIONAL, January 1999 (1999-01-01), pages 1 - 3, XP002185673, Retrieved from the Internet <URL:http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwinpro99/html/w9p9914.asp> [retrieved on 20011211] *
"MECHANISM FOR TRUSTED COMPUTING BASE DEFINITION AND CHECKING", IBM TECHNICAL DISCLOSURE BULLETIN, IBM CORP. NEW YORK, US, vol. 34, no. 9, 1 February 1992 (1992-02-01), pages 188 - 191, XP000300643, ISSN: 0018-8689 *
"Selecting audit events for Windows NT 4.0 registry keys", CARNEGIE MELLON SOFTWARE ENGINEERING INSTITUTE, CERT COORDINATION CENTER, 17 March 1999 (1999-03-17), pages 1 - 7, XP002185674, Retrieved from the Internet <URL:http://www.cert.org/security-improvement/implementations/i028.04.html> [retrieved on 20011211] *
WONG W: "Remote-control registry", BYTE (INTERNATIONAL EDITION), MAY 1998, MCGRAW-HILL, USA, vol. 23, no. 5, pages 128, XP001041962, ISSN: 0360-5280 *

Also Published As

Publication number Publication date
WO2001077794A2 (en) 2001-10-18
US20020026605A1 (en) 2002-02-28
AU2001249938A1 (en) 2001-10-23
AU2001251373A1 (en) 2001-10-23
WO2001077833A3 (en) 2002-03-28
WO2001077833A2 (en) 2001-10-18

Similar Documents

Publication Publication Date Title
WO2001077794A3 (en) System and method for real time monitoring and control of a computer machine environment and configuration profile
WO2004029748A3 (en) System and method for using keystroke data to configure a remote control device
WO2006077561A3 (en) System and method of configuring a control system for a plurality of devices
EP1675003A3 (en) Fault tolerant system and controller, operation method, and operation program used in the fault tolerant system
WO2004051444A3 (en) Providing a secure execution mode in a pre-boot environment
EP1519276A4 (en) Information storage device, memory access control system and method, and computer program
AU2001287979A1 (en) Dialysis machine and method of checking the functionality of a dialysis machine
EP1517244A4 (en) Information storage device, memory access control system and method, and computer program
HK1057811A1 (en) Display control device, method, computer program and computer-readable medium.
WO2002019229A8 (en) Method and system for financial data aggregation, analysis and reporting
AP2004003181A0 (en) A data aquisition unit, system and method for geophysical data.
DE60100098D1 (en) REGULATOR, CAB PRESSURE CONTROL SYSTEM AND METHOD
CA2469109A1 (en) Distributed control system for forklift
WO2004049108A3 (en) A subscriber device with adaptable user interface and method thereof
WO2002088953A3 (en) Data integrity monitoring storage system
WO2003010671A1 (en) Non-volatile memory and non-volatile memory data rewriting method
EP1521223A4 (en) Sensor monitor,monitor system, sensor monitor method, and program
EP1731976A3 (en) Configuration method for control devices
AU7978500A (en) A computer based method and system for controlling an industrial process
WO2002008918A3 (en) Shared as needed programming model
TWI371668B (en) Fuel processor apparatus,method for controlling a fuel processor,program storage medium,computer,and control system for use a fuel processor
SG113396A1 (en) Group work control system, group work control method and group work control program
AU2003245924A1 (en) Method and system for simulating order processing processes, corresponding computer program product, and corresponding computer-readable storage medium
AU2001236546A1 (en) System and methods for on-line, real-time inventory display, monitoring and control
AU2754101A (en) System for monitoring, processing, and presenting sleep time data

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP