会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 4. 发明申请
    • Using asynchronous changes to memory to detect malware
    • 使用异步更改内存来检测恶意软件
    • US20080022406A1
    • 2008-01-24
    • US11447462
    • 2006-06-06
    • Neill M. CliftJonathan D. Morrison
    • Neill M. CliftJonathan D. Morrison
    • G06F12/14
    • G06F21/562G06F21/55
    • A system and method for using asynchronous changes to memory to detect malware is disclosed. The technology initially receives a memory buffer location to be evaluated, the memory buffer location possibly having at least a portion of malware therein. The technology then performs a plurality of double fetches to the memory buffer location. The technology additionally compares a plurality of responses to the plurality of double fetches, wherein a plurality of similar responses to the plurality of double fetches indicates the portion of malware is not present and wherein at least two distinct responses to the plurality of double fetches indicates the portion of malware is present.
    • 公开了一种用于对内存进行异步更改来检测恶意软件的系统和方法。 该技术最初接收要评估的存储器缓冲器位置,存储器缓冲器位置可能在其中具有至少一部分恶意软件。 然后,该技术对存储器缓冲器位置执行多个双提取。 该技术还将多个响应与多个双提取进行比较,其中对多个双提取的多个类似的响应指示不存在恶意软件的部分,并且其中对多个双提取的至少两个不同的响应指示 部分恶意软件存在。
    • 7. 发明授权
    • Using asynchronous changes to memory to detect malware
    • 使用异步更改内存来检测恶意软件
    • US08065736B2
    • 2011-11-22
    • US11447462
    • 2006-06-06
    • Neill M. CliftJonathan D. Morrison
    • Neill M. CliftJonathan D. Morrison
    • G06F12/14
    • G06F21/562G06F21/55
    • A system and method for using asynchronous changes to memory to detect malware is disclosed. The technology initially receives a memory buffer location to be evaluated, the memory buffer location possibly having at least a portion of malware therein. The technology then performs a plurality of double fetches to the memory buffer location. The technology additionally compares a plurality of responses to the plurality of double fetches, wherein a plurality of similar responses to the plurality of double fetches indicates the portion of malware is not present and wherein at least two distinct responses to the plurality of double fetches indicates the portion of malware is present.
    • 公开了一种用于对内存进行异步更改来检测恶意软件的系统和方法。 该技术最初接收要评估的存储器缓冲器位置,存储器缓冲器位置可能在其中具有至少一部分恶意软件。 然后,该技术对存储器缓冲器位置执行多个双提取。 该技术还将多个响应与多个双提取进行比较,其中对多个双提取的多个类似的响应指示不存在恶意软件的部分,并且其中对多个双提取的至少两个不同的响应指示 部分恶意软件存在。