Jump to content

Researcher On Ideas!


TheEdge!

Recommended Posts

Hello, I'm new to this forum. I have researched alot of Cloud Computing... but don't understand much of it, but still it's my hobby. 

 

I heard about Immunet back in 2009 and followed the tracks on the forum about Version 2.0. When it was released, I tried it - It was good but not the best.

 

I have tested Immunet in 1 year now, and searched for the secrets beyond this AV, and as I know now... This require some stuff thatwould add to it! Some new Engines or something. Here there are!

 

1. CLOUD FIREWALL: While having an Anti-Virus Cloud Engine, why not have a Cloud Based Firewall? The Firewall can protect a user by defining Whitelisting/Blacklisting

 

WHITELISTING: The Firewall will have a list of KNOWN GOOD files and will allow the connection of the softwares in the list.

 

BLACKLISTING: The Firewall will have a list of KNOWN BAD files and will block all connection of the softwares in the list.

 

UNKNOWN: The Firewall will allow the Connection, but block certain parts of the program. Like, remote control the PC(For hackers) or for BOTS.

 

 

 

2. BEHAVIOR ENGINE: We need a typical Whitelist of softwares, but the Behavior Engine needs something to detect and block automatic just like SONAR in NORTON.

 

How it determines the Behavior: Everytime you download a Software wich isnt in the Whitelist(Unknown Files) the Behavior Engine will automatically Sandbox the program and a mesage will pop-up: "Checking Behavior."

 

How can it Check the behavior in the Sandbox: The Sandbox runs the program, but the USER cannot see it. After it is installed in the Sandbox, the Behavior will be checked against: Editing Registry, adding itself to Windows32, doing something dangerous.

 

Where will it be Sandboxed: As I know from ZoneAlarm, their Sandbox unknown program on the PC and checks behavior. BUT it can use alot of ram/CPU, so IMP Behavior Engine will be runned on the Server. IF THE FILE is malicous, the data will be send to the Experts and will be added a signature.

 

 

 

3. SANDBOX: The user can choose what to sandbox, like a Browser or something.

 

 

 

 

 

 

 

 

 

So... if I come up with more ideas, I will UPDATE. 

 

 

 

CHEERS!

 

TheEdge.

 

 

 

 

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...