The present invention relates to computer security systems, and more particularly, to a system and method for diagnosing, remedying and blocking harmful information including computer viruses online over a computer network via which a client is linked to a web server.
With the development of computer network based technologies, and lo particularly, the World Wide Web (“the Web”) technology, the number of users on computer networks, and particularly, on the Internet, is rapidly expanding. Now, the Internet is no longer a new technology and service field in virtual space, but is getting into the realities of life. An ever-growing number of businesses, for example, shopping, auction, banking and advertising businesses, have established a presence on the Internet. Computer users now routinely employ the Internet to access various information, and conduct a variety of economical activities.
The Internet provides convenience to computer users in various ways. On the other hand, as computer and Internet related technologies have grown, concerns about highly possible illegal extraction of personal information or damage caused by a variety of computer viruses through computer networks are also quickly increasing. The damage caused by harmful information such as computer viruses can be serious. Reportedly, the amount of worldwide damage by computer viruses in the first half of 1999 marked a three-fold jump at $7,6 $7.6 billion over 1998's $2.5 billion.
For example, the Chernobyl (CIH) virus, which is a high-risk computer virus, corrupted all of the data on a hard disk, and caused tremendous damage in the world including Korea. Recently, new harmful information such as the Back Orifice virus, or the School Bus virus which implants a “spy” file capable of remote controlling a computer, into computers along with other computer viruses, to thereby illegally extract personal information from the computers, has been introduced onto the Internet.
An existing counterplan for protection against various harmful information is based on the first damage/post-repair policy. This protection counterplan assumes a passive position by taking measures (for example, follow-up development of appropriate antivirus programs) after computer systems have been suffered from unidentified harmful information. Another disadvantage found in the protection policy lies in that a variety of antivirus programs for protecting against harmful information need to be manually installed on individual personal computers, which is an inefficient process overloading computer users with the installation activity. Furthermore, since various harmful information is created and distributed ever quickly through the Internet, it is not easy to consistently equip computers with the latest releases of antivirus programs.
Thus, if new harmful information, such as new species of computer virus, against which appropriate antivirus programs have not been developed yet, infiltrates a user computer, it is inevitable that the computer system is damaged by the new computer virus, or personal information is illegally drawn out of the computer system. In addition, a user must visit harmful information related service providers, or online communications companies to get the latest version of the antivirus program whenever an unidentified computer virus is discovered. Furthermore, downloading the latest version of the antivirus program is followed by manual installation, which is an unnecessary labor-intensive task.
The existing counterplan for protecting user computers from harmful information provides no communication channel for effectively reporting occurrences of harmful information or damage caused by the harmful information to the harmful information related service providers, so that statistical data on distribution of harmful information and damage caused by the harmful information, and the systematic data analysis thereof are not available to the harmful information related service providers.