会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明授权
    • Application program interface interception system and method
    • 应用程序接口拦截系统和方法
    • US07213153B2
    • 2007-05-01
    • US10874433
    • 2004-06-22
    • Yona HollanderOphir RachmanOded Horovitz
    • Yona HollanderOphir RachmanOded Horovitz
    • G06F9/44
    • G06F21/53G06F9/4484G06F12/1441G06F2209/542
    • A method of intercepting application program interface, including dynamic installation of associated software, within the user portion of an operating system. An API interception control server in conjunction with a system call interception module loads into all active process spaces an API interception module. An initializer module within the API interception module hooks and patches all API modules in the active process address space. When called by the application programs, the API routines' flow of execution, by virtue of their patched code, is re-directed into a user-supplied code in a pre-entry routine of the API interception module. The API routine might be completely by-passed or its input parameters might be filtered and changed by the user code. During the operation, the API routine is double-patched by the API interception module to ensure that all simultaneous calls to the API routine will re-direct its flow of control into the API interception module. A user-supplied code in a post-entry module of the API interception module might filter or change the return values of the API.
    • 在操作系统的用户部分内截取应用程序接口的方法,包括关联软件的动态安装。 API拦截控制服务器与系统调用拦截模块一起加载到所有活动进程空间中的一个API拦截模块。 API拦截模块中的初始化程序模块挂接并修补活动进程地址空间中的所有API模块。 当应用程序调用时,API程序的执行流程通过其修补的代码被重定向到API拦截模块的预入口例程中的用户提供的代码。 API例程可能被完全旁路,或者其输入参数可能被用户代码过滤和更改。 在操作期间,API例程由API拦截模块进行双重打补丁,以确保所有对API例程的同时调用都将其控制流重新引导到API拦截模块中。 API拦截模块的后进入模块中的用户提供的代码可能会过滤或更改API的返回值。
    • 3. 发明授权
    • Method and system for intercepting an application program interface
    • 拦截应用程序接口的方法和系统
    • US06823460B1
    • 2004-11-23
    • US09561395
    • 2000-04-28
    • Yona HollanderOphir RachmanOded Horovitz
    • Yona HollanderOphir RachmanOded Horovitz
    • G06F1130
    • G06F21/53G06F9/4484G06F12/1441G06F2209/542
    • A method of intercepting application program interface, including dynamic installation of associated software, within the user portion of an operating system. An API interception control server in conjunction with a system call interception module loads into all active process spaces an API interception module. An initializer module within the API interception module hooks and patches all API modules in the active process address space. When called by the application programs, the API routines' flow of execution, by virtue of their patched code, is re-directed into a user-supplied code in a pre-entry routine of the API interception module. The API routine might be completely by-passed or its input parameters might be filtered and changed by the user code. During the operation, the API routine is double-patched by the API interception module to ensure that all simultaneous calls to the API routine will re-direct its flow of control into the API interception module. A user-supplied code in a post-entry module of the API interception module might filter or change the return values of the API.
    • 在操作系统的用户部分内截取应用程序接口的方法,包括关联软件的动态安装。 API拦截控制服务器与系统调用拦截模块一起加载到所有活动进程空间中的一个API拦截模块。 API拦截模块中的初始化程序模块挂接并修补活动进程地址空间中的所有API模块。 当应用程序调用时,API程序的执行流程通过其修补的代码被重定向到API拦截模块的预入口例程中的用户提供的代码。 API例程可能被完全旁路,或者其输入参数可能被用户代码过滤和更改。 在操作期间,API例程由API拦截模块进行双重打补丁,以确保所有对API例程的同时调用都将其控制流重新引导到API拦截模块中。 API拦截模块的后进入模块中的用户提供的代码可能会过滤或更改API的返回值。
    • 6. 发明授权
    • System, method and computer program product for detection of unwanted processes
    • 用于检测不需要的过程的系统,方法和计算机程序产品
    • US07281268B2
    • 2007-10-09
    • US11055197
    • 2005-02-10
    • Yona HollanderOded Horovitz
    • Yona HollanderOded Horovitz
    • H04L9/00
    • G06F21/53G06F9/4484G06F12/1441G06F2209/542
    • A system, method and computer program product are provided which are capable of intercepting a call. Once intercepted, it is determined whether the call is associated with a previous sequence of calls in order to identify a correct sequence of calls associated with the intercepted call. Next, the call is associated with the correct sequence of calls. State information that is associated with the call is then gathered. Further, sequence state information is updated, and it is determined whether a process is unwanted based, at least in part, on such sequence state information. If it is determined that the process is unwanted, a reaction may be made to the unwanted process. If it is not determined that the process is unwanted, a next call may be intercepted, and so on.
    • 提供能够拦截呼叫的系统,方法和计算机程序产品。 一旦截获,确定呼叫是否与先前的呼叫序列相关联,以便识别与被截取的呼叫相关联的正确的呼叫序列。 接下来,呼叫与正确的呼叫序列相关联。 然后收集与呼叫相关联的状态信息。 此外,序列状态信息被更新,并且至少部分地基于这样的序列状态信息确定进程是否是不需要的。 如果确定该过程是不需要的,则可能会对不需要的过程进行反应。 如果不确定进程是不需要的,则可能会拦截下一个呼叫,依此类推。
    • 8. 发明申请
    • System, method and computer program product for detection of unwanted processes
    • 用于检测不需要的过程的系统,方法和计算机程序产品
    • US20050177752A1
    • 2005-08-11
    • US11055197
    • 2005-02-10
    • Yona HollanderOded Horovitz
    • Yona HollanderOded Horovitz
    • G06F1/00G06F9/40G06F12/14G06F21/00H04L9/00
    • G06F21/53G06F9/4484G06F12/1441G06F2209/542
    • A system, method and computer program product are provided which are capable of intercepting a call. Once intercepted, it is determined whether the call is associated with a previous sequence of calls in order to identify a correct sequence of calls associated with the intercepted call. Next, the call is associated with the correct sequence of calls. State information that is associated with the call is then gathered. Further, sequence state information is updated, and it is determined whether a process is unwanted based, at least in part, on such sequence state information. If it is determined that the process is unwanted, a reaction may be made to the unwanted process. If it is not determined that the process is unwanted, a next call may be intercepted, and so on.
    • 提供能够拦截呼叫的系统,方法和计算机程序产品。 一旦截获,确定呼叫是否与先前的呼叫序列相关联,以便识别与被截取的呼叫相关联的正确的呼叫序列。 接下来,呼叫与正确的呼叫序列相关联。 然后收集与呼叫相关联的状态信息。 此外,序列状态信息被更新,并且至少部分地基于这样的序列状态信息确定进程是否是不需要的。 如果确定该过程是不需要的,则可能会对不需要的过程进行反应。 如果不确定进程是不需要的,则可能会拦截下一个呼叫,依此类推。