Documents can be created to include metadata associated with rights management information that applies to the entire document and/or to one or more applicable sub-portions of the document. When a user places such a document to be scanned on a multi-function device (MFD) in a rights management environment, the MFD recognizes metadata associated with user rights management regarding the document and/or applicable sub-portions. The MFD automatically commences a rights management scheme to authenti...

Methods of detecting executable code which has been altered are provided. Upon an initial loading of an executable code a calculation is performed to generate a score associated with the executable code, the initial score is retained. Subsequently, one or more additional calculations are performed on the executable code to generate subsequent scores. Any subsequent score not matching the initial score indicates the executable code has been altered in some way. If alteration has occurred, then th...

A method and system to verify active content included within a markup language document store multiple instances of publication information (e.g., an e-commerce listing or e-mail message) in a database associated with a server system. The stored publication information includes active content (e.g., web pages that include an executable script or point to an executable script). Selected active content is retrieved from the database, and subject to a verification process. The verification process ...

A system and method in accordance with a preferred embodiment of the invention advantageously provide trapping of suspected electronic mails in dedicated mail address accounts under predetermined control. Trapped e-mails are profiled in order to determine if they contain malicious code. If it is determined that the profiled e-mails include malicious code embedded therein, the e-mails can then be submitted for subsequent analysis identifying the new virus(es) and developing a cure therefor. The p...

A wireless network security system including a system data store capable of storing network default and configuration data, a wireless transmitter and a system processor. The system processor performs a network security method. An active defense request signal is received, typically from an intrusion detection system. The received request signal includes an indicator of an access point within the wireless computer network that is potentially compromised. In response to the received an active def...

In a network including a centralized controller and a plurality of routers forming a security perimeter, a method for selectively discarding packets during a distributed denial-of-service (DDoS) attack over the network. The method includes aggregating victim destination prefix lists and attack statistics associated with incoming packets received from the plurality of routers to confirm a DDoS attack victim, and aggregating packet attribute distribution frequencies for incoming victim related pac...

According to one embodiment of the invention, a computerized method for addressing intrusion attacks directed at a computer includes receiving a data stream corresponding to a potential attack on the computer and calculating an event risk rating for the data stream. Calculating the event risk rating includes determining at least one component risk rating. In one embodiment, the component risk ratings are: a signature fidelity rating indicative of the likelihood the potential attack will affect t...

Tampering with pieces of software is inhibited. Thread protection inhibits tampering with various threads that execute protective pieces of software. Profiles are stored in a central hierarchical database and such profiles are protected from tampering. The obfuscation of a software image so as to becloud the comprehension of hackers in reverse engineering pieces of software comprising the software image is provided.

An application contacts the Application Specific Integrated Circuit (ASIC) with a request for a job, along with the name or identifier of a data stream to pattern match against, the name or identifier of the pattern set to use, and whether the job is partial or full. Depending on the priority rules set by the ASIC administrator, the ASIC may stop the job it is currently doing and begin work on the new job, or wait until the current job is finished before starting the new job. The ASIC determines...

A method and apparatus directed to detecting DoS (denial of service) attacks against SIP enabled devices. A substantial imbalance between an accounting of SIP INVITE (INV) and SIP 180 Ringing (N.sub.180) messages indicates a DoS attack. Preferably the number (H) of INVITE messages including credentials (INV.sub.c) that are sent from a user client in response to a 407 Authentication Required message from a proxy server are removed from the accounting before the balance is tested. If the equation ...