专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050108554A1 Method and system for adaptive rule-based content scanners 有权
标题翻译：基于自适应规则的内容扫描仪的方法和系统
公开(公告)号：US20050108554A1
公开(公告)日：2005-05-19
申请号：US10930884
申请日：2004-08-30
申请人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
发明人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
IPC分类号： G06F21/00 , H04L29/06 , G06F9/45
CPC分类号： G06F21/563 , G06F8/427 , G06F21/562 , G06F2221/2119 , H04L63/0227 , H04L63/0245 , H04L63/145 , H04L63/168
摘要： A method for scanning content, including identifying tokens within an incoming byte stream, the tokens being lexical constructs for a specific language, identifying patterns of tokens, generating a parse tree from the identified patterns of tokens, and identifying the presence of potential exploits within the parse tree, wherein said identifying tokens, identifying patterns of tokens, and identifying the presence of potential exploits are based upon a set of rules for the specific language. A system and a computer readable storage medium are also described and claimed.
摘要翻译：一种用于扫描内容的方法，包括识别输入字节流内的令牌，所述令牌是用于特定语言的词法构造，识别令牌模式，从所识别的令牌模式生成解析树，以及识别所述令牌内的潜在漏洞的存在解析树，其中所述识别令牌，识别令牌的模式以及识别潜在利用的存在是基于用于特定语言的一组规则。还描述和要求保护系统和计算机可读存储介质。

2. 发明授权

US08225408B2 Method and system for adaptive rule-based content scanners 有权
标题翻译：基于自适应规则的内容扫描仪的方法和系统
公开(公告)号：US08225408B2
公开(公告)日：2012-07-17
申请号：US10930884
申请日：2004-08-30
申请人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
发明人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
IPC分类号： H04L29/06
CPC分类号： G06F21/563 , G06F8/427 , G06F21/562 , G06F2221/2119 , H04L63/0227 , H04L63/0245 , H04L63/145 , H04L63/168
摘要： A method for scanning content, including identifying tokens within an incoming byte stream, the tokens being lexical constructs for a specific language, identifying patterns of tokens, generating a parse tree from the identified patterns of tokens, and identifying the presence of potential exploits within the parse tree, wherein said identifying tokens, identifying patterns of tokens, and identifying the presence of potential exploits are based upon a set of rules for the specific language. A system and a computer readable storage medium are also described and claimed.
摘要翻译：一种用于扫描内容的方法，包括识别输入字节流内的令牌，所述令牌是用于特定语言的词法构造，识别令牌模式，从所识别的令牌模式生成解析树，以及识别所述令牌内的潜在漏洞的存在解析树，其中所述识别令牌，识别令牌的模式以及识别潜在利用的存在是基于用于特定语言的一组规则。还描述和要求保护系统和计算机可读存储介质。

3. 发明授权

US07975305B2 Method and system for adaptive rule-based content scanners for desktop computers 有权
标题翻译：桌面电脑基于自适应规则的内容扫描仪的方法和系统
公开(公告)号：US07975305B2
公开(公告)日：2011-07-05
申请号：US11009437
申请日：2004-12-09
申请人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
发明人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
IPC分类号： G06F11/00 , G06F21/00
CPC分类号： G06F21/563
摘要： A security system for scanning content within a computer, including a network interface, housed within a computer, for receiving content from the Internet on its destination to an Internet application running on the computer, a database of rules corresponding to computer exploits, stored within the computer, a rule-based content scanner that communicates with said database of rules, for scanning content to recognize the presence of potential exploits therewithin, a network traffic probe, operatively coupled to the network interface and to the rule-based content scanner, for selectively diverting content from its intended destination to the rule-based content scanner, and a rule update manager that communicates with said database of rules, for updating said database of rules periodically to incorporate new rules that are made available. A method and a computer readable storage medium are also described and claimed.
摘要翻译：一种用于扫描计算机内的内容的安全系统，包括位于计算机内的网络接口，用于从其目的地上的因特网接收内容到在计算机上运行的因特网应用程序的内容，存储在计算机内的规则对应的规则数据库计算机，与所述规则数据库通信的基于规则的内容扫描器，用于扫描内容以识别其中存在潜在漏洞;网络业务探测器，可操作地耦合到网络接口和基于规则的内容扫描器，用于选择性地将内容从其预期目的地转移到基于规则的内容扫描器，以及规则更新管理器，其与所述规则数据库进行通信，用于周期性地更新所述规则数据库以包含可用的新规则。还描述并要求保护方法和计算机可读存储介质。

4. 发明申请

US20050240999A1 Method and system for adaptive rule-based content scanners for desktop computers 有权
标题翻译：桌面电脑基于自适应规则的内容扫描仪的方法和系统
公开(公告)号：US20050240999A1
公开(公告)日：2005-10-27
申请号：US11009437
申请日：2004-12-09
申请人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
发明人： Moshe Rubin , Moshe Matitya , Artem Melnick , Shlomo Touboul , Alexander Yermakov , Amit Shaked
IPC分类号： G06F11/30 , G06F12/14 , G06F21/00 , H04L9/00 , H04L9/32
CPC分类号： G06F21/563
摘要： A security system for scanning content within a computer, including a network interface, housed within a computer, for receiving content from the Internet on its destination to an Internet application running on the computer, a database of rules corresponding to computer exploits, stored within the computer, a rule-based content scanner that communicates with said database of rules, for scanning content to recognize the presence of potential exploits therewithin, a network traffic probe, operatively coupled to the network interface and to the rule-based content scanner, for selectively diverting content from its intended destination to the rule-based content scanner, and a rule update manager that communicates with said database of rules, for updating said database of rules periodically to incorporate new rules that are made available. A method and a computer readable storage medium are also described and claimed.
摘要翻译：一种用于扫描计算机内的内容的安全系统，包括位于计算机内的网络接口，用于从其目的地上的因特网接收内容到在计算机上运行的因特网应用程序的内容，存储在计算机内的规则对应的规则数据库计算机，基于规则的内容扫描器，其与所述规则数据库进行通信，用于扫描内容以识别其中的潜在漏洞的存在;网络流量探测器，可操作地耦合到网络接口和基于规则的内容扫描器，用于选择性地将内容从其预期目的地转移到基于规则的内容扫描器，以及规则更新管理器，其与所述规则数据库进行通信，用于周期性地更新所述规则数据库以包含可用的新规则。还描述并要求保护方法和计算机可读存储介质。

5. 发明授权

US09489515B2 System and method for blocking the transmission of sensitive data using dynamic data tainting 有权
标题翻译：使用动态数据污染来阻止敏感数据传输的系统和方法
公开(公告)号：US09489515B2
公开(公告)日：2016-11-08
申请号：US13156952
申请日：2011-06-09
申请人： Alexander Yermakov , Mark Kaplan
发明人： Alexander Yermakov , Mark Kaplan
IPC分类号： G06F21/56 , G06F17/22 , H04L29/06 , G06F21/55
CPC分类号： G06F21/563 , G06F17/227 , G06F21/554 , G06F21/56 , H04L63/0227 , H04L63/1408 , H04L63/168
摘要： Blocking transmission of tainted data using dynamic data tainting is described. For example, sensitive information is stored on a client device as tainted data. The client device generates a data request for retrieving data from a non-trusted entity via a network. A gateway is communicatively coupled to the client device and the network. The gateway receives computer code from the non-trusted entity via the network. The gateway executes the computer code. The gateway tracks the execution of the computer code to determine whether the computer code attempts to access tainted data and transmit the tainted data to an outside entity. The gateway blocks the transmission of the tainted data to the outside entity responsive to determining that the computer code has attempted to access tainted data and transmit the tainted data to an outside entity.
摘要翻译：描述了使用动态数据污染来阻止污染数据的传输。例如，敏感信息作为污染数据存储在客户端设备上。客户机设备经由网络产生用于从不可信实体检索数据的数据请求。网关通信地耦合到客户端设备和网络。网关通过网络从不可信实体接收计算机代码。网关执行计算机代码。网关跟踪计算机代码的执行，以确定计算机代码是否尝试访问污染的数据并将污染的数据传输到外部实体。响应于确定计算机代码已经尝试访问污染的数据并将污染的数据发送到外部实体，网关阻止将污染的数据传输到外部实体。

6. 发明申请

US20110307956A1 SYSTEM AND METHOD FOR ANALYZING MALICIOUS CODE USING A STATIC ANALYZER 有权
标题翻译：使用静态分析仪分析恶意代码的系统和方法
公开(公告)号：US20110307956A1
公开(公告)日：2011-12-15
申请号：US13156971
申请日：2011-06-09
申请人： Alexander Yermakov , Mark Kaplan
发明人： Alexander Yermakov , Mark Kaplan
IPC分类号： G06F11/00
CPC分类号： G06F21/563 , G06F17/227 , G06F21/554 , G06F21/56 , H04L63/0227 , H04L63/1408 , H04L63/168
摘要： Analyzing computer code using a tree is described. For example, a client device generates a data request for retrieving data from a non-trusted entity via a network. A gateway is communicatively coupled to the client device and to the network. The gateway is configured to receive computer code from the non-trusted entity via the network. The gateway builds a tree representing the computer code. The tree has one or more nodes. A node of the tree represents a statement from the computer code. The gateway analyzes the statement to identify symbol data. The symbol data describes a name of the variable and the value of the variable. The gateway stores the symbol data in a symbol table.
摘要翻译：描述使用树分析计算机代码。例如，客户机设备经由网络生成用于从不可信实体检索数据的数据请求。网关通信地耦合到客户端设备和网络。网关被配置为经由网络从不可信实体接收计算机代码。网关构建代表计算机代码的树。树有一个或多个节点。树的一个节点表示计算机代码中的一个语句。网关分析语句以识别符号数据。符号数据描述变量的名称和变量的值。网关将符号数据存储在符号表中。

7. 发明授权

US09081961B2 System and method for analyzing malicious code using a static analyzer 有权
标题翻译：使用静态分析仪分析恶意代码的系统和方法
公开(公告)号：US09081961B2
公开(公告)日：2015-07-14
申请号：US13156971
申请日：2011-06-09
申请人： Alexander Yermakov , Mark Kaplan
发明人： Alexander Yermakov , Mark Kaplan
IPC分类号： G06F21/56 , G06F17/22 , H04L29/06 , G06F21/55
CPC分类号： G06F21/563 , G06F17/227 , G06F21/554 , G06F21/56 , H04L63/0227 , H04L63/1408 , H04L63/168
摘要： Analyzing computer code using a tree is described. For example, a client device generates a data request for retrieving data from a non-trusted entity via a network. A gateway is communicatively coupled to the client device and to the network. The gateway is configured to receive computer code from the non-trusted entity via the network. The gateway builds a tree representing the computer code. The tree has one or more nodes. A node of the tree represents a statement from the computer code. The gateway analyzes the statement to identify symbol data. The symbol data describes a name of the variable and the value of the variable. The gateway stores the symbol data in a symbol table.
摘要翻译：描述使用树分析计算机代码。例如，客户机设备经由网络生成用于从不可信实体检索数据的数据请求。网关通信地耦合到客户端设备和网络。网关被配置为经由网络从不可信实体接收计算机代码。网关构建代表计算机代码的树。树有一个或多个节点。树的一个节点表示计算机代码中的一个语句。网关分析语句以识别符号数据。符号数据描述变量的名称和变量的值。网关将符号数据存储在符号表中。

8. 发明申请

US20110307951A1 SYSTEM AND METHOD FOR BLOCKING THE TRANSMISSION OF SENSITIVE DATA USING DYNAMIC DATA TAINTING 有权
标题翻译：使用动态数据采集阻塞传感数据的系统和方法
公开(公告)号：US20110307951A1
公开(公告)日：2011-12-15
申请号：US13156952
申请日：2011-06-09
申请人： Alexander Yermakov , Mark Kaplan
发明人： Alexander Yermakov , Mark Kaplan
IPC分类号： G06F21/20
CPC分类号： G06F21/563 , G06F17/227 , G06F21/554 , G06F21/56 , H04L63/0227 , H04L63/1408 , H04L63/168
摘要： Blocking transmission of tainted data using dynamic data tainting is described. For example, sensitive information is stored on a client device as tainted data. The client device generates a data request for retrieving data from a non-trusted entity via a network. A gateway is communicatively coupled to the client device and the network. The gateway receives computer code from the non-trusted entity via the network. The gateway executes the computer code. The gateway tracks the execution of the computer code to determine whether the computer code attempts to access tainted data and transmit the tainted data to an outside entity. The gateway blocks the transmission of the tainted data to the outside entity responsive to determining that the computer code has attempted to access tainted data and transmit the tainted data to an outside entity.
摘要翻译：描述了使用动态数据污染来阻止污染数据的传输。例如，敏感信息作为污染数据存储在客户端设备上。客户机设备经由网络产生用于从不可信实体检索数据的数据请求。网关通信地耦合到客户端设备和网络。网关通过网络从不可信实体接收计算机代码。网关执行计算机代码。网关跟踪计算机代码的执行，以确定计算机代码是否尝试访问污染的数据并将污染的数据传输到外部实体。响应于确定计算机代码已经尝试访问污染的数据并将污染的数据发送到外部实体，网关阻止将污染的数据传输到外部实体。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式