Jump to content
Sign in to follow this  
TheEdge!

Researcher On Ideas!

Recommended Posts

Hello, I'm new to this forum. I have researched alot of Cloud Computing... but don't understand much of it, but still it's my hobby. 

 

I heard about Immunet back in 2009 and followed the tracks on the forum about Version 2.0. When it was released, I tried it - It was good but not the best.

 

I have tested Immunet in 1 year now, and searched for the secrets beyond this AV, and as I know now... This require some stuff thatwould add to it! Some new Engines or something. Here there are!

 

1. CLOUD FIREWALL: While having an Anti-Virus Cloud Engine, why not have a Cloud Based Firewall? The Firewall can protect a user by defining Whitelisting/Blacklisting

 

WHITELISTING: The Firewall will have a list of KNOWN GOOD files and will allow the connection of the softwares in the list.

 

BLACKLISTING: The Firewall will have a list of KNOWN BAD files and will block all connection of the softwares in the list.

 

UNKNOWN: The Firewall will allow the Connection, but block certain parts of the program. Like, remote control the PC(For hackers) or for BOTS.

 

 

 

2. BEHAVIOR ENGINE: We need a typical Whitelist of softwares, but the Behavior Engine needs something to detect and block automatic just like SONAR in NORTON.

 

How it determines the Behavior: Everytime you download a Software wich isnt in the Whitelist(Unknown Files) the Behavior Engine will automatically Sandbox the program and a mesage will pop-up: "Checking Behavior."

 

How can it Check the behavior in the Sandbox: The Sandbox runs the program, but the USER cannot see it. After it is installed in the Sandbox, the Behavior will be checked against: Editing Registry, adding itself to Windows32, doing something dangerous.

 

Where will it be Sandboxed: As I know from ZoneAlarm, their Sandbox unknown program on the PC and checks behavior. BUT it can use alot of ram/CPU, so IMP Behavior Engine will be runned on the Server. IF THE FILE is malicous, the data will be send to the Experts and will be added a signature.

 

 

 

3. SANDBOX: The user can choose what to sandbox, like a Browser or something.

 

 

 

 

 

 

 

 

 

So... if I come up with more ideas, I will UPDATE. 

 

 

 

CHEERS!

 

TheEdge.

 

 

 

 

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...