专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08387046B1 Security driver for hypervisors and operating systems of virtualized datacenters 有权
标题翻译：虚拟化管理程序的安全驱动程序和虚拟化数据中心的操作系统
公开(公告)号：US08387046B1
公开(公告)日：2013-02-26
申请号：US12411628
申请日：2009-03-26
申请人： Bruce Montague , Sanjay Sawhney , Matthew Conover , Tzi-cker Chiueh
发明人： Bruce Montague , Sanjay Sawhney , Matthew Conover , Tzi-cker Chiueh
IPC分类号： G06F9/00
CPC分类号： G06F21/53 , G06F9/4555 , G06F9/45558 , G06F21/566 , G06F21/6281 , G06F2009/45587
摘要： A system and method for efficient security protocols in a virtualized datacenter environment are contemplated. In one embodiment, a system is provided comprising a hypervisor coupled to one or more protected virtual machines (VMs) and a security VM. Within a private communication channel, a split kernel loader provides an end-to-end communication between a paravirtualized security device driver, or symbiont, and the security VM. The symbiont monitors kernel-level activities of a corresponding guest OS, and conveys kernel-level metadata to the security VM via the private communication channel. Therefore, the well-known semantic gap problem is solved. The security VM is able to read all of the memory of a protected VM, detect locations of memory compromised by a malicious rootkit, and remediate any detected problems.
摘要翻译：预期在虚拟化数据中心环境中有效的安全协议的系统和方法。在一个实施例中，提供了一种系统，其包括耦合到一个或多个受保护的虚拟机（VM）和安全VM的管理程序。在私有通信信道中，分离的内核加载器提供了半虚拟化安全设备驱动程序或共生体与安全VM之间的端到端通信。 symbiont监控相应客户操作系统的内核级活动，并通过专用通信通道将内核级元数据传送到安全VM。因此，解决了众所周知的语义差距问题。安全VM能够读取受保护的VM的所有内存，检测由恶意rootkit损坏的内存的位置，并修复任何检测到的问题。

2. 发明授权

US08225317B1 Insertion and invocation of virtual appliance agents through exception handling regions of virtual machines 有权
标题翻译：通过虚拟机的异常处理区域插入和调用虚拟设备代理
公开(公告)号：US08225317B1
公开(公告)日：2012-07-17
申请号：US12477810
申请日：2009-06-03
申请人： Tzi-cker Chiueh , Matthew Conover
发明人： Tzi-cker Chiueh , Matthew Conover
IPC分类号： G06F9/455 , G06F11/00 , H04L29/06
CPC分类号： G06F9/455
摘要： A method for inserting an agent of a virtual appliance into a virtual machine. The method may include inserting, into an exception handler memory location of a virtual machine, one or more computer-executable instructions configured to facilitate transfer of control from the virtual machine to an agent-insertion module. The method may also include triggering an exception during execution of the virtual machine to cause the one or more computer-executable instructions in the exception handler memory location to be executed. The method may further include obtaining control from the virtual machine after the at least one computer-executable instruction executes. The method may include inserting the agent of the virtual appliance into the virtual machine. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译：一种将虚拟设备的代理插入到虚拟机中的方法。该方法可以包括将虚拟机的异常处理程序存储器位置插入到一个或多个计算机可执行指令中，该指令被配置为便于将控制从虚拟机传送到代理插入模块。该方法还可以包括在执行虚拟机期间触发异常以使执行异常处理程序存储器位置中的一个或多个计算机可执行指令。所述方法还可以包括在所述至少一个计算机可执行指令执行之后从所述虚拟机获得控制。该方法可以包括将虚拟设备的代理插入到虚拟机中。还公开了各种其它方法，系统和计算机可读介质。

3. 发明授权

US08065567B1 Systems and methods for recording behavioral information of an unverified component 有权
标题翻译：用于记录未验证组件的行为信息的系统和方法
公开(公告)号：US08065567B1
公开(公告)日：2011-11-22
申请号：US12397009
申请日：2009-03-03
申请人： Matthew Conover , Tzi-cker Chiueh
发明人： Matthew Conover , Tzi-cker Chiueh
IPC分类号： G06F21/00
CPC分类号： G06F21/566 , G06F21/577
摘要： A computer-implemented method for recording behavioral information of an unverified component is described. Interactions between a first process and an unverified component loaded in the first process are monitored. A fault is detected from the monitored interactions. Information associated with an event is sent to a proxy module loaded in a second process. The execution of the event in the second process is verified. Information associated with the behavior of the unverified component during the execution of the event is recorded.
摘要翻译：描述用于记录未验证组件的行为信息的计算机实现的方法。监视第一进程和加载在第一进程中的未验证组件之间的交互。从监控的交互中检测到故障。与事件相关联的信息被发送到在第二进程中加载的代理模块。验证第二个进程中事件的执行。记录在执行事件期间与未验证组件的行为相关联的信息。

4. 发明授权

US08881287B1 Systems and methods for library function identification in automatic malware signature generation 有权
标题翻译：用于自动恶意软件签名生成的库函数识别的系统和方法
公开(公告)号：US08881287B1
公开(公告)日：2014-11-04
申请号：US12408277
申请日：2009-03-20
申请人： Kent Griffin , Xin Hu , Tzi-cker Chiueh , Scott Schneider
发明人： Kent Griffin , Xin Hu , Tzi-cker Chiueh , Scott Schneider
IPC分类号： G06F11/00
CPC分类号： G06F21/564 , H04L63/145
摘要： A computer-implemented method for facilitating automatic malware signature generation may comprise disassembling a malware program, identifying one or more byte sequences within the disassembled malware program that have a likelihood of being representative of one or more library functions contained within the malware program, and preventing the one or more byte sequences from being included within one or more malware signatures. Corresponding systems and computer-readable storage media are also disclosed.
摘要翻译：用于促进自动恶意软件签名生成的计算机实现的方法可以包括拆卸恶意软件程序，识别反汇编的恶意软件程序中可能代表包含在恶意软件程序中的一个或多个库功能的可能性的一个或多个字节序列，并且防止一个或多个字节序列被包括在一个或多个恶意软件签名内。还公开了相应的系统和计算机可读存储介质。

5. 发明授权

US08239948B1 Selecting malware signatures to reduce false-positive detections 有权
标题翻译：选择恶意软件签名以减少假阳性检测
公开(公告)号：US08239948B1
公开(公告)日：2012-08-07
申请号：US12340420
申请日：2008-12-19
申请人： Kent E. Griffin , Tzi-cker Chiueh , Scott Schneider , Xin Hu
发明人： Kent E. Griffin , Tzi-cker Chiueh , Scott Schneider , Xin Hu
IPC分类号： G06F11/00
CPC分类号： H04L63/1416 , G06F21/564 , G06F21/577 , H04L63/1433
摘要： A set of candidate signatures for a malicious software (malware) is generated. The candidate signatures in the set are scored based on features that indicate the signatures are more unique and thus less likely to generically occur non-malicious programs. A malware signature for the malware entity is selected from among the candidate malware signatures based on the scores. The selected malware signature is stored.
摘要翻译：生成一组恶意软件（恶意软件）的候选签名。基于表示签名更加独特，因此不太可能普遍发生非恶意程序的特征，对该集合中的候选签名进行评分。基于分数从候选恶意软件签名中选择恶意软件实体的恶意软件签名。所选的恶意软件签名被存储。

6. 发明授权

US08037529B1 Buffer overflow vulnerability detection and patch generation system and method 有权
标题翻译：缓冲区溢出漏洞检测和补丁生成系统及方法
公开(公告)号：US08037529B1
公开(公告)日：2011-10-11
申请号：US12051441
申请日：2008-03-19
申请人： Tzi-cker Chiueh , Kent “E” Griffin
发明人： Tzi-cker Chiueh , Kent “E” Griffin
IPC分类号： G06F12/14 , G06F17/30
CPC分类号： G06F11/3604 , G06F21/577
摘要： A computer-implemented method includes identifying a buffer overflow vulnerability in a vulnerable program including identifying a victim buffer creation site that created a victim buffer and identifying a vulnerability site that overflowed the victim buffer. A patch is created for the vulnerable program to prevent the vulnerability site from overflowing a potential victim buffer created by the victim buffer creation site. In this manner, the information obtained in identifying the buffer overflow vulnerability is used to automatically derive a patch that accurately seals the vulnerability, greatly reduces the false positive and negative rate, while at the same time shortens the response time to new threats.
摘要翻译：计算机实现的方法包括识别脆弱程序中的缓冲区溢出漏洞，包括识别创建受害缓冲区的受害缓冲区创建站点，并识别溢出受害缓冲区的漏洞站点。为易受攻击的程序创建修补程序，以防止漏洞站点溢出由受害缓冲区创建站点创建的潜在的受害者缓冲区。以这种方式，在识别缓冲区溢出漏洞中获得的信息被用于自动导出准确地密封漏洞的补丁，大大减少了错误的正负率，同时缩短了对新威胁的响应时间。

7. 发明授权

US08914324B1 De-duplication storage system with improved reference update efficiency 有权
标题翻译：重复数据删除存储系统具有改进的参考更新效率
公开(公告)号：US08914324B1
公开(公告)日：2014-12-16
申请号：US12580785
申请日：2009-10-16
申请人： Fanglu Guo , Weibao Wu , Tzi-cker Chiueh , Petros Efstathopoulos
发明人： Fanglu Guo , Weibao Wu , Tzi-cker Chiueh , Petros Efstathopoulos
IPC分类号： G06F17/30
CPC分类号： G06F11/1453 , G06F17/30156
摘要： A system and method for backing up files to a single-instance storage system are disclosed. The files may be split into segments, and the file data may be stored in the single-instance storage system as individual segments. The single-instance storage system uses the concept of a file region which covers multiple segments of the file. If a region of a file is unchanged from one backup to the next, the system may use a region object to refer to the unchanged region. This avoids the need to update the reference information for each of the segments within the region, thus increasing the efficiency of backing up the new version of the file.
摘要翻译：公开了将文件备份到单实例存储系统的系统和方法。文件可以被分割成段，并且文件数据可以作为单个段存储在单实例存储系统中。单实例存储系统使用涵盖文件多个段的文件区域的概念。如果文件的一个区域从一个备份到下一个备份不变，则系统可以使用区域对象来引用未更改的区域。这避免了需要更新区域内每个段的参考信息，从而提高了备份新版本文件的效率。

8. 发明授权

US08880784B2 Random write optimization techniques for flash disks 有权
标题翻译：闪存盘的随机写入优化技术
公开(公告)号：US08880784B2
公开(公告)日：2014-11-04
申请号：US13512783
申请日：2010-05-18
申请人： Tzi-cker Chiueh , Maohua Lu , Pi-Yuan Cheng , Goutham Meruva
发明人： Tzi-cker Chiueh , Maohua Lu , Pi-Yuan Cheng , Goutham Meruva
IPC分类号： G06F12/00 , G06F12/02
CPC分类号： G06F12/0246 , G06F2212/1016 , G06F2212/7201 , G06F2212/7202 , G06F2212/7203 , G06F2212/7205
摘要： Disclosed is a method for managing logical block write requests for a flash drive. The method includes receiving a logical block write request from a file system; assigning a category to the logical block; and generating at least three writes from the logical block write request, a first write writes the logical block to an Erasure Unit (EU) according to the category assigned to each logical block, a second write inserts a Block Mapping Table (BMT) update entry to a BMT update log, and a third write commits the BMT update entry to an on-disk BMT, wherein the first and second writes are performed synchronously and the third write is performed asynchronously and in a batched fashion.
摘要翻译：公开了一种用于管理闪存驱动器的逻辑块写入请求的方法。该方法包括从文件系统接收逻辑块写入请求; 将类别分配给逻辑块; 并且从逻辑块写入请求产生至少三次写入，第一次写入根据分配给每个逻辑块的类别将逻辑块写入擦除单元（EU），第二次写入插入块映射表（BMT）更新条目到BMT更新日志，并且第三次写入将BMT更新条目提交到磁盘BMT，其中第一和第二写入被同步地执行，并且以批量方式异步地执行第三写入。

9. 发明授权

US07962961B1 Responding to detected application vulnerability exploits 有权
标题翻译：响应检测到的应用程序漏洞利用
公开(公告)号：US07962961B1
公开(公告)日：2011-06-14
申请号：US11956172
申请日：2007-12-13
申请人： Kent E. Griffin , Tzi-cker Chiueh , Sourabh Satish
发明人： Kent E. Griffin , Tzi-cker Chiueh , Sourabh Satish
IPC分类号： G06F21/22 , G06F15/16 , G06F11/30
CPC分类号： H04L63/1433 , G06F21/566 , G06F21/577 , G06F2221/2101
摘要： A security module detects attempted exploitations of vulnerabilities of an application executing on a computer. A robust function of the application having native error handling functionality is identified. The security module wraps the robust function with an exception handler that catches a “security violation” exception. The exception handler returns an error code of a type that is handled by the application's native error handling functionality. The security module also hooks the application. When a hook is followed, the security module determines whether a vulnerability in the application is being exploited. If an attempted exploit is detected, the security module throws the security violation exception. The application's native error handling functionality unwinds the call stack for the application until it reaches the exception handler wrapping the robust function. The exception handler catches the security violation exception and returns the error code to the application's native error handling functionality.
摘要翻译：安全模块检测在计算机上执行的应用程序的漏洞的尝试利用。识别具有本机错误处理功能的应用的鲁棒功能。安全模块使用捕获“安全冲突”异常的异常处理程序来包装强大的功能。异常处理程序返回由应用程序的本机错误处理功能处理的类型的错误代码。安全模块还挂接应用程序。当遵循挂钩时，安全模块确定应用程序中的漏洞是否被利用。如果检测到尝试的漏洞利用，安全模块将抛出安全冲突异常。应用程序的本机错误处理功能解除应用程序的调用堆栈，直到它到达包含强大功能的异常处理程序。异常处理程序捕获安全冲突异常，并将错误代码返回到应用程序的本机错误处理功能。

10. 发明申请

US20050053034A1 System and method for IP handoff 有权
标题翻译： IP切换的系统和方法
公开(公告)号：US20050053034A1
公开(公告)日：2005-03-10
申请号：US10815443
申请日：2004-04-01
申请人： Tzi-cker Chiueh
发明人： Tzi-cker Chiueh
IPC分类号： H04W36/02 , H04W36/14 , H04W80/00 , H04Q7/00
CPC分类号： H04W36/14 , H04W36/02 , H04W80/00
摘要： A seamless vertical handoff method allows the network applications and connections on a mobile node to continue without disruption as it moves within a wireless overlay network that comprises multiple possibly overlapping layers of wireless networks (e.g., a WLAN and a WWAN) with different underlying technologies, providing mobile roaming capabilities. The method comprises a WLAN access point signal strength monitor for determining when to switch between WLAN and WWAN, and a network connection migration scheme that can move an active network connection from a wireless link of one technology to another wireless link of a different technology in a way that is transparent to the user, the remote end of the network connection, and the operator of the WWAN carrier.
摘要翻译：无缝垂直切换方法允许移动节点上的网络应用和连接在不中断的情况下继续，因为它在包括具有不同底层技术的多个可能重叠的无线网络层（例如，WLAN和WWAN）的无线覆盖网络内移动，提供移动漫游功能。该方法包括用于确定何时在WLAN和WWAN之间切换的WLAN接入点信号强度监视器，以及可以将活动网络连接从一种技术的无线链路移动到另一技术的另一种无线链路的网络连接迁移方案对用户透明的方式，网络连接的远端以及WWAN运营商的运营商。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式