George Mason Research Foundation, Inc. Patent applications |
Patent application number | Title | Published |
20160019391 | VIRTUAL BROWSING ENVIRONMENT - An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark. Yet another embodiment includes monitoring operation of the operating system within the at least one virtual browsing environment, determining when the operation of the operating system includes potential malicious activity, and terminating the virtual browsing environment when the operation includes potential malicious activity. | 01-21-2016 |
20150264059 | MALWARE DETECTOR - A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid. | 09-17-2015 |
20150212842 | ON-DEMAND DISPOSABLE VIRTUAL WORK SYSTEM - An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes. | 07-30-2015 |
20150195302 | HARDWARE-ASSISTED INTEGRITY MONITOR - A hardware-assisted integrity monitor may include one or more target machines and/or monitor machines. A target machine may include one or more processors, which may include one or more system management modes (SMM). A SMM may include one or more register checking modules, which may be configured to determine one or more current CPU register states. A SMM may include one or more acquiring modules, which may be configured to determine one or more current memory states. A SMM may include one or more network modules, which may be configured to direct one or more communications, for example of one or more current CPU register states and/or current memory states, to a monitor machine. A monitor machine may include one or more network modules and/or analysis modules. An analysis module may be configured to determine memory state differences and/or determine CPU register states differences. | 07-09-2015 |
20140053269 | ATTACK RESISTANT CONTINUOUS NETWORK SERVICE TRUSTWORTHINESS CONTROLLER - An attack resistant continuous network service trustworthiness controller comprising: state estimation module(s), response selection module(s), actuation module(s), and client dispatcher communication module(s) for maintaining the availability and integrity of online server(s). The state estimation module(s) are configured to generate state estimate(s) for online server(s) using behavior data obtained using sensor module(s). The response selection module(s) are configured to determine corrective action(s) to maintain the availability and integrity of online server(s) when state estimate(s) indicate that the integrity of an online server(s) is compromised. The actuation module(s) are configured to activate actuator(s) based upon the corrective action(s). Client dispatcher communication module(s) are configured to communicate online server availability information to a client dispatcher. | 02-20-2014 |