会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 3. 发明申请
    • METHOD AND SYSTEM FOR MOBILE NETWORK SECURITY, RELATED NETWORK AND COMPUTER PROGRAM PRODUCT
    • 移动网络安全,相关网络和计算机程序产品的方法和系统
    • WO2007110105A1
    • 2007-10-04
    • PCT/EP2006/010448
    • 2006-10-31
    • TELECOM ITALIA S.p.A.LAMASTRA, GerardoABENI, PaoloCANGINI, GianlucaCODA ZABETTA, Francesco
    • LAMASTRA, GerardoABENI, PaoloCANGINI, GianlucaCODA ZABETTA, Francesco
    • G06F21/00H04L29/06
    • H04L51/12H04L51/38H04L63/0227H04L63/1491H04W12/12
    • A honeypot system (100) for protecting a mobile communication network against malware includes one or more user-less mobile devices (101 ) including a monitoring module (104) for monitoring the events conveying software applications in the associated mobile device (101 ) as well as a controller client module (107) that emulates human-like interaction with the user-less devices (101 ) as a function of the events monitored (104). The system (100) controllably performs, for the applications conveyed by the events monitored (104), one or more of the following steps: - i) installing the application on the device (101 ); - ii) executing the application installed on the device (101 ); and - iii) de-installing the application from the device (101 ). After any of these steps performed, the state of the device (101 ) is checked in order to detect if any anomalous variation has occurred in the state of the device (101 ) indicative of said at the device (101 ) being exposed to the risk of malware. If any said anomalous variation is detected, the system issues a malware alert message.
    • 用于保护移动通信网络免受恶意软件的蜜罐系统(100)包括一个或多个无用户移动设备(101),其包括监视模块(104),用于监视传送相关移动设备(101)中的软件应用的事件 作为控制器客户端模块(107),其根据所监视的事件(104)模拟与无用户设备(101)的类似人的交互。 所述系统(100)可控制地对由所监视的事件(104)传送的应用执行以下一个或多个步骤:i)将所述应用安装在所述设备(101)上; - ii)执行安装在设备(101)上的应用程序; 以及 - iii)从所述设备(101)去除所述应用程序。 在执行了这些步骤之一之后,检查设备(101)的状态,以便检测在设备(101)处的指示所述设备(101)暴露于风险的设备(101)的状态是否发生任何异常变化 的恶意软件。 如果检测到任何所述异常变化,则系统发出恶意软件警报消息。
    • 4. 发明申请
    • A METHOD AND SYSTEM FOR IDENTIFYING MALICIOUS MESSAGES IN MOBILE COMMUNICATION NETWORKS, RELATED NETWORK AND COMPUTER PROGRAM PRODUCT THEREFOR
    • 用于识别移动通信网络中的恶意消息的方法和系统,其相关网络和计算机程序产品
    • WO2007110093A1
    • 2007-10-04
    • PCT/EP2006/002787
    • 2006-03-27
    • TELECOM ITALIA S.p.A.LAMASTRA, GerardoCANGINI, GianlucaCODA ZABETTA, FrancescoSPERTI, Luigi
    • LAMASTRA, GerardoCANGINI, GianlucaCODA ZABETTA, FrancescoSPERTI, Luigi
    • H04L29/06H04Q7/38
    • H04L51/12H04L51/38H04L63/0227H04L63/1491H04W12/12
    • A system for identifying malicious messages transmitted over a mobile communication network includes: sentinel modules (100) associated with respective mobile terminals (101) in the network for monitoring messages passing therethrough; the sentinel modules (100) identify as a candidate malicious message any message passing through the mobile terminals (101) and failing to comply with a first set of patterns and issue a corresponding sentinel identification message; a set of probe modules (105, 106) for monitoring messages transmitted over the network (401); the probe modules (105, 106) identify as a candidate malicious message any message transmitted over the network and failing to comply with a second set of patterns and issue a corresponding probe identification message; and preferably at least one client honeypot module (104) for receiving and processing any messages sent thereto to produce corresponding processing results; the client honeypot module (104) identifies as a candidate malicious message any message producing a processing result failing to comply with a third set of patterns and issues a corresponding client honeypot identification message. The system also includes a correlation subsystem (102) for receiving the identification messages from the various sentinel (100), probe (105, 106) and client honeypot (104) modules and identifying as a malicious message any message for which identification messages are received from a plurality of these modules (100; 105, 106; 104).
    • 用于识别通过移动通信网络发送的恶意消息的系统包括:与网络中的相应移动终端(101)相关联的哨兵模块(100),用于监视通过其的消息; 哨兵模块(100)将通过移动终端(101)的任何消息识别为候选恶意消息,并且不符合第一组模式并发出相应的哨兵识别消息; 一组用于监视通过网络传输的消息的探测模块(105,106); 探测模块(105,106)将通过网络发送的任何消息识别为候选恶意消息,并且不符合第二组模式并发出相应的探测器识别消息; 并且优选地至少一个客户端蜜罐模块(104)用于接收和处理发送到其上的任何消息以产生相应的处理结果; 客户端蜜罐模块(104)将产生未能符合第三组模式的处理结果的消息识别为候选恶意消息,并且发出相应的客户端蜜罐识别消息。 该系统还包括用于从各种前哨(100),探测(105,106)和客户机蜜罐(104)模块接收标识消息的相关子系统(102),并将用于识别消息的任何消息标识为恶意消息 来自多个这些模块(100; 105,106; 104)。
    • 5. 发明申请
    • METHOD AND SYSTEM FOR INTRUSION PREVENTION AND DEFLECTION,
    • 侵入和预防的方法和系统,
    • WO2005050414A1
    • 2005-06-02
    • PCT/EP2003/012090
    • 2003-10-30
    • TELECOM ITALIA S.P.A.BRUSOTTI, StefanoCODA ZABETTA, Francesco
    • BRUSOTTI, StefanoCODA ZABETTA, Francesco
    • G06F1/00
    • H04L63/1408H04L43/00H04L63/02
    • A system for preventing intrusion in communication traffic with a set (130) of machines in a network includes a data base (415) having stored therein patterns representative of forbidden communication entities as well a firewall module (412a) configured for blocking forbidden communication entities in the traffic as identified by respective patterns included in the data base (415). The system further includes another data base (416) having stored therein patterns representative of allowed communication entities for communication with said set of machines (130) and a test system (420) including test facilities (421) replicating the machines in said set (130). A communication module (410) is provided configured for allowing (411b) communication of allowed communication entities as identified by respective patterns included in the other data base (416). Unknown communication entities as identified by respective unknown patterns not included in either of said data base (415) and said further data base (416) are directed (411d) to the test system (420) and run on the test facilities (421) therein to detect possible adverse effects of such unknown communication entities on the test system. The system is further configured so that: i) in the presence of an adverse effect, the unknown communication entity leading to the adverse effect is blocked by the firewall module (412a), and ii) in the absence of an adverse effect, communication of the unknown communication entity failing to lead to said adverse effect is allowed.
    • 一种用于防止在网络中的一组机器(130)入侵通信业务的系统包括:数据库(415),其中存储有表示禁止通信实体的模式,以及防火墙模块(412a),其被配置为阻止禁止的通信实体 由数据库(415)中包括的相应模式识别的业务。 该系统还包括另一数据库(416),其中存储有表示允许与所述机器组(130)通信的允许通信实体的模式和包括复制所述组中的机器的测试设备(421)的测试系统(420) )。 提供通信模块(410),其被配置为允许(411b)通过包括在其他数据库(416)中的各个模式所识别的允许的通信实体的通信。 未包括在所述数据库(415)和所述另外的数据库(416)之一中的未知模式识别的未知通信实体被指向(411d)到测试系统(420)并且在其上的测试设施(421)上运行 以检测这种未知通信实体对测试系统的可能的不利影响。 该系统进一步配置为:i)在存在不利影响的情况下,导致不利影响的未知通信实体被防火墙模块(412a)阻止,以及ii)在没有不利影响的情况下, 允许未知的通信实体不能导致所述不利影响。