1. Field of the Invention
The present invention relates to a protection method and a computer system thereof applied to a firewall apparatus at the application layer, and more particularly, to a protection method and a computer system thereof which simultaneously refers to all transmission information in a plurality of session channels for protecting the firewall apparatus at the application layer.
2. Description of the Prior Art
During the network service rapidly developing, people are used to highly rely on the network information, which results in the entrance of a variety of malware, e.g. virus, spyware, adware or spam, through the related network services to hack or attack people's computer systems, mobile devices or other electronic devices connecting to the network for processing some applications (e.g. smart watch). Accordingly, software/hardware of the computer systems or mobile devices could be damaged, and some electronic files therein might be stolen.
To strengthen the protection of the computer system or the mobile device, a firewall apparatus or related antivirus software may be applied to the application layer to recognize or isolate the potential malware. For the rapid and unpredictable changes of program codes of the malware, the antivirus software of the computer system and the mobile device must be timely updated in order to download the latest virus pattern information. Besides, the conventional firewall apparatus only processes the detection in single session channel of the session layer of the OSI Model (Open System Interconnection Reference Model), and many advanced malware or virus could cleverly divide/separate its transmission packets into many sub-packets to be transmitted in different session channels of the session layer, so as to avoid the detection of the firewall apparatus or the related antivirus software. Accordingly, the firewall apparatus or the related antivirus software may be difficult to precisely recognize/detect/isolate all the sub-packets indifferent session channels of the session layer, such that the electronic devices receiving the information via the application layer may be possible defected or attacked by the potential malware.
Therefore, it has become an important issue to provide a protection method and a computer system thereof for the firewall apparatus disposed at the application layer, so as to release the attack of potential malware.