专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07802298B1 Methods and apparatus for protecting computers against phishing attacks 有权
标题翻译：保护计算机免受网路钓鱼攻击的方法和设备
公开(公告)号：US07802298B1
公开(公告)日：2010-09-21
申请号：US11502050
申请日：2006-08-10
申请人： Paul Hong , Xiaoming Zhao , Gang Chen
发明人： Paul Hong , Xiaoming Zhao , Gang Chen
IPC分类号： G08B23/00 , G06F12/14
CPC分类号： H04L63/1441 , G06F21/51 , G06F21/554 , G06F2221/2119 , H04L63/1483
摘要： In one embodiment, a client computer is protected from phishing attacks using a sensitive state monitor and a phishing site detector. The sensitive state monitor may detect reception of a web page displayed in a web browser of the client computer. The sensitive state monitor may determine whether or not the web page is a sensitive web page, such as those used to receive user confidential information. When the sensitive state monitor determines that the web page is sensitive, the sensitive state monitor may ask the user to confirm that the web page is indeed sensitive. After user confirmation, the sensitive state monitor may invoke the phishing site detector, which may determine whether or not the website serving the web page is a phishing site.
摘要翻译：在一个实施例中，使用敏感状态监视器和网络钓鱼站点检测器来保护客户端计算机免受网络钓鱼攻击。敏感状态监视器可以检测在客户端计算机的网络浏览器中显示的网页的接收。敏感状态监视器可以确定网页是否是敏感网页，例如用于接收用户机密信息的网页。当敏感状态监视器确定网页敏感时，敏感状态监视器可能会要求用户确认网页确实是敏感的。用户确认后，敏感状态监视器可以调用网络钓鱼站点检测器，这可以确定服务网页的网站是否是网络钓鱼站点。

2. 发明授权

US07802303B1 Real-time in-line detection of malicious code in data streams 有权
标题翻译：实时在线检测数据流中的恶意代码
公开(公告)号：US07802303B1
公开(公告)日：2010-09-21
申请号：US11478705
申请日：2006-06-30
申请人： Xiaoming Zhao , Gang Chen , Paul Hong
发明人： Xiaoming Zhao , Gang Chen , Paul Hong
IPC分类号： G08B23/00 , G06F12/14
CPC分类号： G06F21/564
摘要： In one embodiment, a data stream is scanned for presence of computer viruses using a stream-based protocol parser, a stream-based decoder/decompressor, and a stream-based pattern matching engine. The protocol parser may be configured to extract application layer content from the data stream to generate a file stream. The protocol parser may stream the file stream to the decoder/decompressor, which may decode/decompress the file stream to generate a plain stream. The decoder/decompressor may stream the plain stream to the pattern matching engine, which in turn may scan the plain stream for viruses. Advantageously, the aforementioned components may perform its function as soon as streaming data becomes available, without having to wait for the entirety of the data.
摘要翻译：在一个实施例中，使用基于流的协议解析器，基于流的解码器/解压缩器和基于流的模式匹配引擎扫描数据流以存在计算机病毒。协议解析器可以被配置为从数据流中提取应用层内容以生成文件流。协议解析器可以将文件流传送到解码器/解压缩器，其可解码/解压缩文件流以生成简单流。解码器/解压缩器可以将平滑流传送到模式匹配引擎，该引擎又可以扫描普通流的病毒。有利的是，只要流数据变得可用，上述组件可以执行其功能，而不必等待整个数据。

3. 发明授权

US08032757B1 Methods and apparatus for content fingerprinting for information leakage prevention 有权
标题翻译：内容指纹识别方法和设备，用于信息泄露预防
公开(公告)号：US08032757B1
公开(公告)日：2011-10-04
申请号：US12122003
申请日：2008-05-16
申请人： Xiaoming Zhao , Gang Chen , Kan Dong
发明人： Xiaoming Zhao , Gang Chen , Kan Dong
IPC分类号： G06F21/00
CPC分类号： G06F21/552 , G06F21/6272
摘要： Processes for fingerprinting a document and for preventing information leakage at a deployment point are disclosed. For fingerprinting a document, a sequence of hash values for a document is generated, a portion of said hash values to be selected as fingerprints for the document. A current window is positioned over a portion of the sequence of hash values. The hash values are examined starting from one end of the current window, and a first-encountered hash value that is 0 modulo P is selected to be a fingerprint for the current window. For information leakage prevention at a deployment point, a rolling hash calculation is performed on a target document, and a determination is made if a hash value is 0 modulo P. A first filter is applied if the hash value is 0 modulo P, and a second filter is otherwise applied. Other embodiments, aspects and features are also disclosed.
摘要翻译：公开了用于指纹文档和防止在部署点处的信息泄漏的过程。为了对文档进行指纹识别，生成文档的散列值序列，所述散列值的一部分被选择为文档的指纹。当前窗口位于哈希值序列的一部分上。从当前窗口的一端开始检查哈希值，并且选择0模P的首次遇到的哈希值作为当前窗口的指纹。为了在部署点进行信息泄露防止，对目标文件执行滚动哈希计算，并且确定散列值是否为0模P。如果散列值为0，则应用第一滤波器P，并且否则应用第二滤波器。还公开了其它实施例，方面和特征。

4. 发明授权

US08649515B1 Controlled sharing of media data that are retrievable over a public computer network 有权
标题翻译：通过公共计算机网络检索的媒体数据的受控共享
公开(公告)号：US08649515B1
公开(公告)日：2014-02-11
申请号：US12702160
申请日：2010-02-08
申请人： Xiaoming Zhao , Gang Chen
发明人： Xiaoming Zhao , Gang Chen
IPC分类号： H04N7/167
CPC分类号： H04N21/26606 , G06F21/6209 , G06F2221/2107 , H04N21/23103 , H04N21/2541
摘要： An owner of media data encrypts the media data using a session key. The session key is encrypted using a public key of a designated recipient of the media data. A key manager provides the encrypted session key to the recipient while the owner is sharing the media data with the recipient. The encrypted media data is published and accessed by the recipient over a public computer network. The encrypted session key and the encrypted media data are received in the recipient's computer, where the encrypted session key is decrypted into the session key using the recipient's private key and the encrypted media data is decrypted into the media data using the session key. When the owner is no longer sharing the media data with the recipient, the recipient is prevented from further receiving the encrypted session key from the key manager.
摘要翻译：媒体数据的所有者使用会话密钥加密媒体数据。会话密钥使用媒体数据的指定接收者的公开密钥进行加密。密钥管理器将所加密的会话密钥提供给收件人，而所有者与收件人共享媒体数据。加密的媒体数据由接收者通过公共计算机网络发布和访问。加密的会话密钥和加密的媒体数据在接收者的计算机中被接收，其中使用接收方的私人密钥将加密的会话密钥解密成会话密钥，并且使用会话密钥将加密的媒体数据解密成媒体数据。当所有者不再与收件人共享媒体数据时，阻止接收者进一步从密钥管理器接收加密的会话密钥。

5. 发明授权

US08549309B1 Asymmetric content fingerprinting with adaptive window sizing 有权
公开(公告)号：US08549309B1
公开(公告)日：2013-10-01
申请号：US13566861
申请日：2012-08-03
申请人： Xiaoming Zhao , Gang Chen , Kan Dong
发明人： Xiaoming Zhao , Gang Chen , Kan Dong
IPC分类号： H04L9/32
CPC分类号： G06F21/554 , G06F21/556 , G06F21/606 , G06F21/6209 , G06F21/64 , G06F2221/0737 , H04L9/3239 , H04L2209/60
摘要： Processes for fingerprinting a document file and for preventing information leakage are disclosed. Computer apparatus for implementing said processes are also disclosed. For fingerprinting a document, the document is provided and may be normalized. A sequence of hash values are generated for the document. A window size is adaptively determined depending upon the document. Fingerprints for the document are selected from amongst the hash values using the adaptively-sized window. The fingerprints for the document are added to a fingerprint set for content being protected by the information leakage prevention system. For information leakage prevention, suspect documents are processed at the deployment points by extracting fingerprints from the suspect documents and matching the extracted fingerprints against the fingerprints in the fingerprint set. Different fingerprint extraction methods are used at the server and the deployment points. Other embodiments, aspects and features are also disclosed.

6. 发明授权

US08386792B1 Asymmetric content fingerprinting with adaptive window sizing 有权
标题翻译：不对称内容指纹与自适应窗口大小
公开(公告)号：US08386792B1
公开(公告)日：2013-02-26
申请号：US12136583
申请日：2008-06-10
申请人： Xiaoming Zhao , Gang Chen , Kan Dong
发明人： Xiaoming Zhao , Gang Chen , Kan Dong
IPC分类号： H04L9/32
CPC分类号： G06F21/554 , G06F21/556 , G06F21/606 , G06F21/6209 , G06F21/64 , G06F2221/0737 , H04L9/3239 , H04L2209/60
摘要： Processes for fingerprinting a document file and for preventing information leakage are disclosed. Computer apparatus for implementing said processes are also disclosed. For fingerprinting a document, the document is provided and may be normalized. A sequence of hash values are generated for the document. A window size is adaptively determined depending upon the document. Fingerprints for the document are selected from amongst the hash values using the adaptively-sized window. The fingerprints for the document are added to a fingerprint set for content being protected by the information leakage prevention system. For information leakage prevention, suspect documents are processed at the deployment points by extracting fingerprints from the suspect documents and matching the extracted fingerprints against the fingerprints in the fingerprint set. Different fingerprint extraction methods are used at the server and the deployment points. Other embodiments, aspects and features are also disclosed.
摘要翻译：公开了用于指纹文档和防止信息泄漏的过程。还公开了用于实现所述处理的计算机装置。为了对文档进行指纹识别，提供文档并将其标准化。为文档生成一系列哈希值。窗口尺寸根据文档自适应地确定。使用自适应大小的窗口从散列值中选择文档的指纹。将文档的指纹添加到由信息泄漏防护系统保护的内容的指纹集中。为了防止信息泄露，可以通过从嫌疑文件中提取指纹，并将提取的指纹与指纹集中的指纹进行匹配，在部署点处理疑似文件。在服务器和部署点使用不同的指纹提取方法。还公开了其它实施例，方面和特征。

7. 发明授权

US08272051B1 Method and apparatus of information leakage prevention for database tables 有权
标题翻译：数据库表的信息泄漏预防方法和装置
公开(公告)号：US08272051B1
公开(公告)日：2012-09-18
申请号：US12056923
申请日：2008-03-27
申请人： Xiaoming Zhao , Gang Chen , Kan Dong
发明人： Xiaoming Zhao , Gang Chen , Kan Dong
IPC分类号： H04L29/06
CPC分类号： H04L63/0245 , H04L63/1416
摘要： A process of information leakage prevention for sensitive information in a database table. Content to be inspected is extracted at a deployment point. The content is processed by a first fingerprinting module to determine if the content matches fingerprint signatures generated from database cells between a first threshold size and a second threshold size which is larger than the first threshold size. The content is also processed by a second fingerprinting module to determine if the content matches fingerprint signatures generated from database cells larger than the second threshold size. The content may also be filtered, and the filtered content processed with an exact match module to determine if the filtered content exactly matches data from cells smaller than the first threshold size. Other embodiments, aspects and features are also disclosed.
摘要翻译：数据库表中敏感信息的信息泄露预防过程。在部署点提取要检查的内容。内容由第一指纹模块处理以确定内容是否匹配从第一阈值大小和大于第一阈值大小的第二阈值大小之间从数据库单元生成的指纹签名。内容还由第二指纹模块处理，以确定内容是否匹配从大于第二阈值大小的数据库单元生成的指纹签名。还可以对内容进行过滤，并且用精确匹配模块处理过滤的内容，以确定经滤波的内容是否与小于第一阈值大小的小区的数据精确匹配。还公开了其它实施例，方面和特征。

8. 发明授权

US08024790B2 Portable secured computing environment for performing online confidential transactions in untrusted computers 有权
标题翻译：便携式安全计算环境，用于在不受信任的计算机中执行联机机密事务
公开(公告)号：US08024790B2
公开(公告)日：2011-09-20
申请号：US11786099
申请日：2007-04-11
申请人： Xiaoming Zhao , Gang Chen , Heather Xing
发明人： Xiaoming Zhao , Gang Chen , Heather Xing
IPC分类号： G06F21/00 , H04L29/06
CPC分类号： G06F9/45537 , G06F21/57 , G06F21/575
摘要： A portable secured computing environment for performing online confidential transactions in an untrusted host computer. The secured computing environment may be loaded from a portable storage device, such as a USB stick, plugged into a peripheral port of the host computer. The secured computing environment may include a virtual machine running under a host operating system of the host computer. A secured operating system may be running in the virtual machine. An online application, such as a web browser in communication with an online service, may be run under the secured operating system. Operation of the online application may be restricted by a security profile. For example, the online application may only access network addresses specifically indicated in a whitelist of the security profile.
摘要翻译：用于在不受信任的主机中执行联机机密事务的便携式安全计算环境。安全的计算环境可以从插入主计算机的外围端口的诸如USB棒的便携式存储设备加载。安全的计算环境可以包括在主计算机的主机操作系统下运行的虚拟机。安全的操作系统可能在虚拟机中运行。诸如与在线服务通信的网络浏览器的在线应用可以在安全操作系统下运行。在线应用程序的操作可能受到安全配置文件的限制。例如，在线应用程序可能仅访问安全配置文件的白名单中明确指定的网络地址。

9. 发明授权

US07836502B1 Scheduled gateway scanning arrangement and methods thereof 有权
标题翻译：计划网关扫描布置及其方法
公开(公告)号：US07836502B1
公开(公告)日：2010-11-16
申请号：US11773072
申请日：2007-07-03
申请人： Xiaoming Zhao , Gang Chen , Eric Chang
发明人： Xiaoming Zhao , Gang Chen , Eric Chang
IPC分类号： G06F11/00 , H04L9/32
CPC分类号： H04L63/145 , G06F21/6218 , H04L63/1416
摘要： A method for performing content analysis of a plurality of resources is provided. The method includes performing background content scanning on the plurality of resources based on a resource priority queue. The method also includes storing already scanned resources of the plurality of resources in a scan result database. The method further includes receiving a first access request asynchronously with the scanning and the storing. The method yet also includes, if the first access request pertains to a given resource not contemporaneously designated as a satisfactory scan result according to the scan result database, granting the given resource a higher priority in the resource priority queue than resources remaining to be scanned in the plurality of resources, thereby enabling the given resource to be scanned ahead of the resources remaining to be scanned.
摘要翻译：提供了一种用于执行多个资源的内容分析的方法。该方法包括基于资源优先级队列对多个资源进行后台内容扫描。该方法还包括将已经扫描的多个资源的资源存储在扫描结果数据库中。该方法还包括与扫描和存储异步地接收第一访问请求。该方法还包括如果第一访问请求与根据扫描结果数据库不同时被指定为令人满意的扫描结果的给定资源相关，则给予资源在资源优先级队列中比待扫描的资源更高的优先级多个资源，从而使给定的资源能够在剩余待扫描的资源之前被扫描。

10. 发明授权

US08135119B1 Techniques for protecting telephone users from caller ID spoofing attacks 有权
标题翻译：保护电话用户免受来电显示欺骗攻击的技术
公开(公告)号：US08135119B1
公开(公告)日：2012-03-13
申请号：US12264514
申请日：2008-11-04
申请人： Xiaoming Zhao , Gang Chen , Kan Dong
发明人： Xiaoming Zhao , Gang Chen , Kan Dong
IPC分类号： H04M1/56
CPC分类号： H04M1/57 , H04M1/642 , H04M1/663 , H04M1/665 , H04M1/7385
摘要： A caller ID verifier may be employed to protect telephone users against caller ID spoofing. The caller ID verifier may be implemented in a telephony apparatus, such as a smart phone, stand alone caller ID device, or telephone network infrastructure, for example. Telephone numbers of related callers may be grouped into caller groups. The caller ID verifier may be configured to play one of several audio messages depending on the caller group of the telephone number corresponding to the caller ID of the telephone call. An audio message may include a question. The caller ID verifier may forward the telephone call to the telephone user when the caller answers the question correctly. Otherwise, the caller ID verifier may terminate the telephone call and give the telephone user the option to return the telephone call using the caller ID.
摘要翻译：可以采用呼叫者ID验证器来保护电话用户免受呼叫者ID欺骗。呼叫者ID验证器可以在例如智能电话，独立呼叫者ID设备或电话网络基础设施的电话设备中实现。相关呼叫者的电话号码可以分组到呼叫者组中。呼叫者ID验证器可以被配置为根据与电话呼叫的呼叫者ID相对应的电话号码的呼叫者组来播放几个音频消息中的一个。音频消息可能包含一个问题。当主叫方正确地回答问题时，呼叫者ID验证者可以将电话呼叫转发给电话用户。否则，呼叫者ID验证者可以终止电话呼叫并给电话用户使用呼叫者ID返回电话呼叫的选项。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式