专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明申请

US20120304287A1 AUTOMATIC DETECTION OF SEARCH RESULTS POISONING ATTACKS 有权
标题翻译：搜索结果自动检测点击次数
公开(公告)号：US20120304287A1
公开(公告)日：2012-11-29
申请号：US13116012
申请日：2011-05-26
申请人： Fang Yu , Yinglian Xie , Martin Abadi , John P. John , Arvind Krishnamurthy
发明人： Fang Yu , Yinglian Xie , Martin Abadi , John P. John , Arvind Krishnamurthy
IPC分类号： G06F21/00
CPC分类号： G06F21/56 , H04L63/1408 , H04L63/1466 , H04L63/168
摘要： Search result poisoning attacks may be automatically detected by identifying groups of suspicious uniform resource locators (URLs) containing multiple keywords and exhibiting patterns that deviate from other URLs in the same domain without crawling and evaluating the actual contents of each web page. Suspicious websites are identified and lexical features are extracted for each such website. The websites are clustered based on their lexical features, and group analysis is performed on each group to identify at least one suspicious group. Other implementations are directed to detecting a search engine optimization (SEO) attack by processing a large population of URLs to identify suspicious URLs based on the presence of a subset of keywords in each URL and the relative newness of each URL.
摘要翻译：搜索结果中毒攻击可以通过识别包含多个关键字的可疑统一资源定位器（URL）的组，并且在不进行爬行和评估每个网页的实际内容的同一领域中展示不同于其他URL的模式来检测。识别可疑网站，为每个此类网站提取词汇功能。这些网站根据其词汇特征进行聚类，并对每个组进行组分析，以确定至少一个可疑组。其他实现涉及通过处理大量URL来检测搜索引擎优化（SEO）攻击，以基于每个URL中的关键字的存在以及每个URL的相对新颖度来识别可疑URL。

22. 发明授权

US08104021B2 Verifiable integrity guarantees for machine code programs 有权
标题翻译：可验证的机器代码程序完整性保证
公开(公告)号：US08104021B2
公开(公告)日：2012-01-24
申请号：US11450493
申请日：2006-06-09
申请人： Ulfar Erlingsson , Martin Abadi , Michael Vrable
发明人： Ulfar Erlingsson , Martin Abadi , Michael Vrable
IPC分类号： G06F9/45
CPC分类号： G06F21/52 , G06F12/1441
摘要： A verifier performs static checks of machine code to ensure that the code will execute safely. After verification is performed, the code is executed. The code modules generated by the rewriter and verified by the verifier prevent runtime code modifications so that properties established by the verifier cannot be invalidated during execution. Guards ensure that control flows only as expected. Stack data that must be shared within a code module, and which may therefore be corrupted during execution, is placed on a separate data stack. Other stack data remains on the regular execution stack, called the control stack. Multiple memory accesses can be checked by a single memory-range guard, optimized for fast access to the most-frequently used memory.
摘要翻译：验证者执行机器代码的静态检查，以确保代码将安全执行。执行验证后，执行代码。由重写器生成并由验证者验证的代码模块防止运行时代码修改，以便验证者建立的属性在执行过程中不能被无效。护卫员确保控制只能按预期方式流动。必须在代码模块中共享的堆栈数据，并且可能在执行期间被破坏的堆栈数据被放置在单独的数据堆栈上。其他堆栈数据保留在常规执行堆栈中，称为控制堆栈。多个存储器访问可以由单个存储器范围保护来检查，优化用于快速访问最常用的存储器。

23. 发明授权

US07870336B2 Operating system protection against side-channel attacks on secrecy 有权
标题翻译：操作系统防止侧向信道攻击的秘密
公开(公告)号：US07870336B2
公开(公告)日：2011-01-11
申请号：US11592808
申请日：2006-11-03
申请人： Ulfar Erlingsson , Martin Abadi
发明人： Ulfar Erlingsson , Martin Abadi
IPC分类号： G06F13/00
CPC分类号： G06F12/1441 , G06F12/0802 , G06F12/1027 , G06F12/1408
摘要： Unobservable memory regions, referred to as stealth memory regions, are allocated or otherwise provided to store data whose secrecy is to be protected. The stealth memory is prevented from exposing information about its usage pattern to an attacker or adversary. In particular, the usage patterns may not be deduced via the side-channels.
摘要翻译：被称为隐形存储器区域的不可观察的存储区域被分配或以其他方式提供以存储其保密性被保护的数据。隐身记忆被阻止将其使用模式的信息暴露给攻击者或对手。特别地，不能通过侧信道来推断使用模式。

24. 发明申请

US20100313264A1 BLOCKING MALICIOUS ACTIVITY USING BLACKLIST 有权
标题翻译：阻止使用黑名单的恶意活动
公开(公告)号：US20100313264A1
公开(公告)日：2010-12-09
申请号：US12479860
申请日：2009-06-08
申请人： Yinglian Xie , Fang Yu , Martin Abadi
发明人： Yinglian Xie , Fang Yu , Martin Abadi
IPC分类号： G06F21/00
CPC分类号： H04L63/101 , H04L2463/144
摘要： An IP (Internet Protocol) address is a directly observable identifier of host network traffic in the Internet and a host's IP address can dynamically change. Analysis of traffic (e.g., network activity or application request) logs may be performed and a host tracking graph may be generated that shows hosts and their bindings to IP addresses over time. A host tracking graph may be used to determine host accountability. This can enable host-based blacklisting instead of the traditional IP address based blacklisting. Host tracking results can be leveraged for forensic analysis to understand an attacker's traces and identify malicious activities in a postmortem fashion. The host tracking information may be used to build a tracklist which can block future attacks.
摘要翻译： IP（互联网协议）地址是互联网中主机网络流量的直接可观察标识符，主机的IP地址可以动态更改。可以执行流量分析（例如，网络活动或应用请求）日志，并且可以生成显示主机及其与IP地址的绑定的主机跟踪图。可以使用主机跟踪图来确定主机责任。这可以启用基于主机的黑名单，而不是基于传统的基于IP地址的黑名单。主机跟踪结果可以用于法医分析，以了解攻击者的踪迹，并以死后的方式识别恶意活动。主机跟踪信息可用于构建可以阻止未来攻击的轨道列表。

25. 发明申请

US20100191930A1 TRANSACTIONAL MEMORY COMPATIBILITY MANAGEMENT 有权
标题翻译：交易记忆兼容性管理
公开(公告)号：US20100191930A1
公开(公告)日：2010-07-29
申请号：US12359492
申请日：2009-01-26
申请人： Dana Groff , Yosseff Levanoni , Stephen Toub , Michael McKenzie Magruder , Weirong Zhu , Timothy Lawrence Harris , Christopher William Dern , John Joseph Duffy , David Detlefs , Martin Abadi , Sukhdeep Singh Sodhi , Lingli Zhang , Alexander Dadiomov , Vinod Grover
发明人： Dana Groff , Yosseff Levanoni , Stephen Toub , Michael McKenzie Magruder , Weirong Zhu , Timothy Lawrence Harris , Christopher William Dern , John Joseph Duffy , David Detlefs , Martin Abadi , Sukhdeep Singh Sodhi , Lingli Zhang , Alexander Dadiomov , Vinod Grover
IPC分类号： G06F12/00 , G06F9/44
CPC分类号： G06F8/44
摘要： Transactional memory compatibility type attributes are associated with intermediate language code to specify, for example, that intermediate language code must be run within a transaction, or must not be run within a transaction, or may be run within a transaction. Attributes are automatically produced while generating intermediate language code from annotated source code. Default rules also generate attributes. Tools use attributes to statically or dynamically check for incompatibility between intermediate language code and a transactional memory implementation.
摘要翻译：事务性内存兼容类型属性与中间语言代码相关联，以指定例如中间语言代码必须在事务中运行，或者不能在事务中运行，或者可以在事务中运行。自动生成属性，同时从注释的源代码生成中间语言代码。默认规则也生成属性。工具使用属性来静态或动态地检查中间语言代码和事务内存实现之间的不兼容性。

26. 发明授权

US07600232B2 Inter-process communications employing bi-directional message conduits 有权
标题翻译：使用双向消息通道的进程间通信
公开(公告)号：US07600232B2
公开(公告)日：2009-10-06
申请号：US11007655
申请日：2004-12-07
申请人： Galen C. Hunt , James R. Larus , Manuel Fahndrich , Edward P. Wobber , Martin Abadi , John D. DeTreville
发明人： Galen C. Hunt , James R. Larus , Manuel Fahndrich , Edward P. Wobber , Martin Abadi , John D. DeTreville
IPC分类号： G06F3/00 , G06F9/44 , G06F9/46 , G06F13/00
CPC分类号： G06F9/546 , G06F2209/547
摘要： Described herein is an implementation of an inter-process communications technology. One or more implementations, described herein, facilitate creation of a bi-directional message conduit having exactly two endpoints. A first endpoint is owned by a first software process and a second endpoint is owned by a second software process. One or more implementations, described herein, maintain the bi-directional message conduit for passing multiple messages via the bi-directional message conduit from the first process to the second process, according to established rules that can be checked.
摘要翻译：这里描述的是进程间通信技术的实现。本文描述的一个或多个实施方式有助于创建具有正好两个端点的双向消息导管。第一端点由第一软件进程拥有，第二端点由第二软件进程所拥有。根据已经可以检查的规则，本文描述的一个或多个实施方案维护双向消息管道，用于经由双向消息管道将多个消息从第一进程传递到第二进程。

27. 发明申请

US20090204978A1 SYNCHRONIZING SPLIT USER-MODE/KERNEL-MODE DEVICE DRIVER ARCHITECTURE 有权
标题翻译：同步分割用户模式/ KERNEL模式设备驱动程序架构
公开(公告)号：US20090204978A1
公开(公告)日：2009-08-13
申请号：US12027274
申请日：2008-02-07
申请人： Mingtzong Lee , Peter Wieland , Nar Ganapathy , Ulfar Erlingsson , Martin Abadi , John Richardson
发明人： Mingtzong Lee , Peter Wieland , Nar Ganapathy , Ulfar Erlingsson , Martin Abadi , John Richardson
IPC分类号： G06F13/24 , G06F9/54
CPC分类号： G06F9/4812 , G06F9/545
摘要： A device driver includes a kernel mode and a user-mode module. The device driver may access device registers while operating in user-mode to promote system stability while providing a low-latency software response from the system upon interrupts. The device driver may include kernel stubs that are loaded into the operating system, and may be device specific code written. The stubs may be called by a reflector to handle exceptions caught by the stubs. A reset stub may be invoked by the reflector when the user-mode module or host terminates abruptly or detects an interrupt storm. The reset stub may also be invoked if errant DMA operations are being performed by a hardware device. The reset stub may ensure that hardware immediately stops unfinished DMA from further transfer, and may be called by the user-mode driver module.
摘要翻译：设备驱动程序包括内核模式和用户模式模块。设备驱动程序可以在用户模式下操作时访问设备寄存器，以提高系统稳定性，同时在中断时从系统提供低延迟软件响应。设备驱动程序可以包括加载到操作系统中的内核存根，并且可以是写入的特定于设备的代码。存根可以由反射器调用来处理由存根捕获的异常。当用户模式模块或主机突然终止或检测到中断风暴时，反射器可以调用复位存根。如果由硬件设备执行错误的DMA操作，也可以调用复位存根。复位存根可以确保硬件立即停止未完成的DMA进一步传输，并且可以由用户模式驱动器模块调用。

28. 发明申请

US20060123424A1 Inter-process communications employing bi-directional message conduits 有权
公开(公告)号：US20060123424A1
公开(公告)日：2006-06-08
申请号：US11007655
申请日：2004-12-07
申请人： Galen Hunt , James Larus , Manuel Fahndrich , Edward Wobber , Martin Abadi , John DeTreville
发明人： Galen Hunt , James Larus , Manuel Fahndrich , Edward Wobber , Martin Abadi , John DeTreville
IPC分类号： G06F9/46
CPC分类号： G06F9/546 , G06F2209/547
摘要： Described herein is an implementation of an inter-process communications technology. One or more implementations, described herein, facilitate creation of a bi-directional message conduit having exactly two endpoints. A first endpoint is owned by a first software process and a second endpoint is owned by a second software process. One or more implementations, described herein, maintain the bi-directional message conduit for passing multiple messages via the bi-directional message conduit from the first process to the second process, according to established rules that can be checked.

29. 发明授权

US5940619A Dynamic fine-grained dependency analysis for a functional language 失效
标题翻译：功能语言的动态细粒度依赖性分析
公开(公告)号：US5940619A
公开(公告)日：1999-08-17
申请号：US738150
申请日：1996-10-25
申请人： Martin Abadi , James J. Horning , Butler W. Lampson , Roy Levin , Jean-Jacques Levy , Yuan Yu
发明人： Martin Abadi , James J. Horning , Butler W. Lampson , Roy Levin , Jean-Jacques Levy , Yuan Yu
IPC分类号： G06F9/44 , G06F9/45
CPC分类号： G06F8/311 , G06F8/433 , G06F9/45508
摘要： In a computerized method, a computer program is analyzed while the program is interpreted. The program is expressed in a first memory as input values and functions. Some of the input values are complex values which can have a plurality of component values. Each function operates on combinations of the input values and the functions of the program. The program is interpreted in a processor connected to the first memory. The processor is also connected to a second memory to store result values produced during the interpretation. Selected input values, components of the complex values, and functions are named only if the selected values, components, and functions are necessary to produce a selected result value. For each function of the program, the function which is interpreted, the input values on which the function depends, and the result value produced by the function during interpretation, are recorded in the second memory to dynamically perform a precise dependency analysis of the program.
摘要翻译：在计算机化方法中，在解释程序时分析计算机程序。该程序在第一个存储器中表示为输入值和函数。一些输入值是可以具有多个分量值的复数值。每个功能按照程序的输入值和功能的组合进行操作。该程序在连接到第一存储器的处理器中解释。处理器还连接到第二存储器以存储在解释期间产生的结果值。选定的输入值，复数值的组成部分和功能仅在选定的值，组件和功能需要产生选定的结果值时进行命名。对于程序的每个功能，解释的功能，功能所依赖的输入值和解释期间由功能产生的结果值被记录在第二存储器中以动态地执行程序的精确的依赖性分析。

30. 发明授权

US5805803A Secure web tunnel 失效
标题翻译：安全的网络隧道
公开(公告)号：US5805803A
公开(公告)日：1998-09-08
申请号：US855025
申请日：1997-05-13
申请人： Andrew D. Birrell , Edward P. Wobber , Martin Abadi , Raymond P. Stata
发明人： Andrew D. Birrell , Edward P. Wobber , Martin Abadi , Raymond P. Stata
IPC分类号： H04L29/06 , G06F13/14
CPC分类号： H04L63/0272 , H04L63/029 , H04L63/0823 , H04L63/0884
摘要： In a computer implemented method, a client computer connected to a public network such as the Internet makes a request for an intranet resource to a tunnel of a firewall isolating the intranet from the Internet. The request is made in a public message. The tunnel sends a message to the client computer to redirect to a proxy server of the tunnel. The client computer send a token and the request for the resource the proxy server. If the token is valid, the request is forwarded to the intranet, otherwise, the user of the client computer must first be authenticated.
摘要翻译：在计算机实现的方法中，连接到公共网络（例如因特网）的客户端计算机向内部网络与因特网隔离的防火墙的隧道请求内部网资源。请求是在公开消息中发出的。隧道向客户端计算机发送消息以重定向到隧道的代理服务器。客户端计算机向代理服务器发送令牌和资源请求。如果令牌有效，请求将转发到内部网，否则客户端计算机的用户必须首先被认证。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式