专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050283838A1 Malicious-process-determining method, data processing apparatus and recording medium 失效
标题翻译：恶意处理确定方法，数据处理装置和记录介质
公开(公告)号：US20050283838A1
公开(公告)日：2005-12-22
申请号：US11211735
申请日：2005-08-26
申请人： Kazunori Saito
发明人： Kazunori Saito
IPC分类号： G06F11/00 , G06F11/22 , G06F11/30 , G06F11/32 , G06F11/34 , G06F11/36 , G06F12/14 , G06F12/16 , G06F15/18 , G06F21/00 , G08B23/00 , H04L9/32
CPC分类号： G06F21/563
摘要： A malicious-process-determining method, a data processing apparatus, and a recording medium according to the present invention each consists of reading the data stored in a buffer memory by one byte, and for a plurality of instruction sequences each having a different read address, sequentially analyzing what kind of instruction code is contained therein. When the int instruction is contained in the analyzed instruction sequence, the number of times the immediate value is pushed to the stack is greater than 1, and the character code corresponding to “/” is contained in the virtual stack, a determination is made that a malicious code is contained in the relevant instruction sequence.
摘要翻译：根据本发明的恶意处理确定方法，数据处理装置和记录介质各自包括将存储在缓冲存储器中的数据读取一个字节，并且对于多个指令序列，每个指令序列具有不同的读取地址顺序地分析其中包含什么样的指令码。当分析的指令序列中包含int指令时，立即值被推送到堆栈的次数大于1，并且对应于“/”的字符代码包含在虚拟堆栈中，确定相关指令序列中包含恶意代码。

2. 发明授权

US07895655B2 Malicious-process-determining method, data processing apparatus and recording medium 失效
标题翻译：恶意处理确定方法，数据处理装置和记录介质
公开(公告)号：US07895655B2
公开(公告)日：2011-02-22
申请号：US11211556
申请日：2005-08-26
申请人： Kazunori Saito
发明人： Kazunori Saito
IPC分类号： G06F12/14 , G06F12/16 , G08B9/00
CPC分类号： G06F21/52 , G06F21/566
摘要： A malicious process method, a data processing apparatus and a recording medium according to the present invention reads data stored in a buffer memory in terms of bytes and sequentially analyzes what kind of instruction code is included in a plurality of instruction sequence having different read positions. It is determined that a malicious code is included in an instruction sequence when an int instruction is included in an analyzed instruction sequence, an instruction code has a particular emergence pattern and a character code corresponding to “/” is included in stored command data.
摘要翻译：根据本发明的恶意处理方法，数据处理装置和记录介质以字节读取存储在缓冲存储器中的数据，并且顺序地分析在具有不同读取位置的多个指令序列中包括哪种指令代码。当分配的指令序列中包含int指令时，确定恶意代码包括在指令序列中，指令代码具有特定的出现模式，并且与存储的命令数据中包含与“/”相对应的字符代码。

3. 发明授权

US07827612B2 Malicious-process-determining method, data processing apparatus and recording medium 失效
标题翻译：恶意处理确定方法，数据处理装置和记录介质
公开(公告)号：US07827612B2
公开(公告)日：2010-11-02
申请号：US11211735
申请日：2005-08-26
申请人： Kazunori Saito
发明人： Kazunori Saito
IPC分类号： G06F12/14
CPC分类号： G06F21/563
摘要： A malicious-process-determining method, a data processing apparatus, and a recording medium according to the present invention each consists of reading the data stored in a buffer memory by one byte, and for a plurality of instruction sequences each having a different read address, sequentially analyzing what kind of instruction code is contained therein. When the int instruction is contained in the analyzed instruction sequence, the number of times the immediate value is pushed to the stack is greater than 1, and the character code corresponding to “/” is contained in the virtual stack, a determination is made that a malicious code is contained in the relevant instruction sequence.
摘要翻译：根据本发明的恶意处理确定方法，数据处理装置和记录介质各自包括将存储在缓冲存储器中的数据读取一个字节，并且对于多个指令序列，每个指令序列具有不同的读取地址顺序地分析其中包含什么样的指令码。当分析的指令序列中包含int指令时，立即值被推送到堆栈的次数大于1，并且对应于“/”的字符代码包含在虚拟堆栈中，确定相关指令序列中包含恶意代码。

4. 发明授权

US07805760B2 Data processing method, data processing device computer program and recording medium 失效
标题翻译：数据处理方法，数据处理装置计算机程序和记录介质
公开(公告)号：US07805760B2
公开(公告)日：2010-09-28
申请号：US10523690
申请日：2003-08-04
申请人： Kazunori Saito
发明人： Kazunori Saito
IPC分类号： G06F11/00 , G06F9/44 , G06F11/30
CPC分类号： G06F21/566
摘要： The branch origin address and branch destination address of a branch instruction (jmp instruction) are stored, a judgment is made as to whether or not a call instruction for calling an instruction code group for executing an external command is associated with the branch destination address, a judgment is made as to whether or not the call destination address is between the branch origin address and the branch destination address if the call instruction is associated with the branch destination address, and information indicating that malicious code was detected is generated if the call destination of the call instruction is between the branch origin address and the branch destination address.
摘要翻译：存储分支指令（jmp指令）的分支起始地址和分支目的地地址，判定用于调用用于执行外部命令的指令代码组的调用指令是否与分支目的地地址相关联，如果呼叫指示与分支目的地地址相关联，则判定呼叫目的地地址是否在分支起始地址和分支目的地地址之间，并且如果呼叫目的地产生了指示检测到恶意代码的信息的呼叫指令位于分支起始地址和分支目的地址之间。

5. 发明申请

US20060026685A1 Malicious-process-determining method, data processing apparatus and recording medium 失效
标题翻译：恶意处理确定方法，数据处理装置和记录介质
公开(公告)号：US20060026685A1
公开(公告)日：2006-02-02
申请号：US11211556
申请日：2005-08-26
申请人： Kazunori Saito
发明人： Kazunori Saito
IPC分类号： G06F12/14
CPC分类号： G06F21/52 , G06F21/566
摘要： A malicious process method, a data processing apparatus and a recording medium according to the present invention reads data stored in a buffer memory in terms of bytes and sequentially analyzes what kind of instruction code is included in a plurality of instruction sequence having different read positions. It is determined that a malicious code is included in an instruction sequence when an int instruction is included in an analyzed instruction sequence, an instruction code has a particular emergence pattern and a character code corresponding to “/” is included in stored command data.
摘要翻译：根据本发明的恶意处理方法，数据处理装置和记录介质以字节读取存储在缓冲存储器中的数据，并且顺序地分析在具有不同读取位置的多个指令序列中包括哪种指令代码。当分配的指令序列中包含int指令时，确定恶意代码包括在指令序列中，指令代码具有特定的出现模式，并且与存储的命令数据中包含与“/”相对应的字符代码。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式