会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • Bypassing software services to detect malware
    • 绕过软件服务来检测恶意软件
    • US20070180529A1
    • 2007-08-02
    • US11344360
    • 2006-01-30
    • Mihai CosteaYun Lin
    • Mihai CosteaYun Lin
    • G06F12/14
    • G06F21/567
    • A method, apparatus, and computer readable medium are provided by aspects of the present invention to determine whether a malware is resident on a host computer. In one embodiment, a method determines whether data that is characteristic of malware is loaded in the system memory of a host computer. More specifically, the method includes causing a device communicatively connected to a host computer to issue a request to obtain data loaded in the system memory. Then, when the requested data is received, a determination is made regarding whether the data is characteristic of malware. Since, the method causes data to be obtained directly from system memory without relying on software services on the host computer, malware that employs certain stealth techniques will be identified.
    • 通过本发明的方面提供方法,装置和计算机可读介质,以确定恶意软件是否驻留在主计算机上。 在一个实施例中,一种方法确定是否将具有恶意软件特征的数据加载到主计算机的系统存储器中。 更具体地,该方法包括使通信地连接到主计算机的设备发出获取加载到系统存储器中的数据的请求。 然后,当接收到所请求的数据时,确定数据是否是恶意软件的特征。 由于该方法可以直接从系统内存中获取数据,而不依赖主机上的软件服务,因此会识别采用某些隐身技术的恶意软件。
    • 2. 发明授权
    • Bypassing software services to detect malware
    • 绕过软件服务来检测恶意软件
    • US07757290B2
    • 2010-07-13
    • US11344360
    • 2006-01-30
    • Mihai CosteaYun Lin
    • Mihai CosteaYun Lin
    • G06F17/00G06F12/14G06F12/16G08B23/00
    • G06F21/567
    • A method, apparatus, and computer readable medium are provided by aspects of the present invention to determine whether a malware is resident on a host computer. In one embodiment, a method determines whether data that is characteristic of malware is loaded in the system memory of a host computer. More specifically, the method includes causing a device communicatively connected to a host computer to issue a request to obtain data loaded in the system memory. Then, when the requested data is received, a determination is made regarding whether the data is characteristic of malware. Since, the method causes data to be obtained directly from system memory without relying on software services on the host computer, malware that employs certain stealth techniques will be identified.
    • 通过本发明的方面提供方法,装置和计算机可读介质,以确定恶意软件是否驻留在主计算机上。 在一个实施例中,一种方法确定是否将具有恶意软件特征的数据加载到主计算机的系统存储器中。 更具体地,该方法包括使通信地连接到主计算机的设备发出获取加载到系统存储器中的数据的请求。 然后,当接收到所请求的数据时,确定数据是否是恶意软件的特性。 由于该方法可以直接从系统内存中获取数据,而不依赖主机上的软件服务,因此会识别采用某些隐身技术的恶意软件。
    • 7. 发明申请
    • FILTERING OF ELECTONIC MAIL MESSAGES DESTINED FOR AN INTERNAL NETWORK
    • 针对内部网络过滤电子邮件消息
    • US20110173272A1
    • 2011-07-14
    • US12687259
    • 2010-01-14
    • Mayerber L. Carvalho NetoChandresh K. JainMayank MehtaMihai Costea
    • Mayerber L. Carvalho NetoChandresh K. JainMayank MehtaMihai Costea
    • G06F15/16
    • G06Q10/107
    • A perimeter network may be utilized to filter electronic mail messages destined for an internal network. A computer may be utilized to monitor an electronic mail mailbox for changes to a safe recipients list and/or a blocked senders list. The computer may further be utilized to automatically copy the safe recipients list and/or the blocked senders list to a network directory in the internal network. The computer may further be utilized to automatically send the safe recipients list and/or the blocked senders list to a network directory in the perimeter network for utilization by one or more agents executing on a computer in the perimeter network. The one or more agents may be configured to utilize the safe recipients list and/or the blocked senders list to filter electronic mail messages received by the perimeter network which are destined for delivery to the internal network.
    • 外围网络可以用于过滤去往内部网络的电子邮件消息。 可以使用计算机来监视电子邮箱,以改变安全的收件人列表和/或阻止的发件人列表。 该计算机还可用于将安全接收者列表和/或被阻止的发送者列表自动复制到内部网络中的网络目录。 该计算机还可被用于将安全接收者列表和/或被阻止的发送者列表自动发送到外围网络中的网络目录,以供在周边网络中的计算机上执行的一个或多个代理人使用。 一个或多个代理可以被配置为利用安全收件人列表和/或被阻止的发件人列表来过滤由外部网络接收的电子邮件消息,这些邮件消息旨在传送到内部网络。
    • 9. 发明授权
    • Smart card with volatile memory file subsystem
    • 智能卡带有易失性存储器文件子系统
    • US07689795B2
    • 2010-03-30
    • US11095203
    • 2005-03-31
    • Vinay DeoMihai CosteaMahesh Sharad LotlikarTak Chung LungDavid MilsteinGilad Odinak
    • Vinay DeoMihai CosteaMahesh Sharad LotlikarTak Chung LungDavid MilsteinGilad Odinak
    • G06F13/00
    • G07F7/1008G06F17/30067G06Q20/341G06Q20/3576Y10S707/99956
    • An integrated circuit (IC) module allows volatile data generated by applications to be stored within volatile data files in the volatile memory. A file system tracks the location of all data files as residing in either volatile memory or nonvolatile memory and facilitates access to the volatile data files in volatile memory in a similar manner to accessing nonvolatile data files in nonvolatile memory. The file system exposes a set of application program interfaces (APIs) to allow applications to access the data files. The same APIs are used to access both volatile data files and nonvolatile data files. When an application requests access to a data file, the file system initially determines whether the application is authorized to gain access to the data file. If it is, the file system next determines whether the data file resides in volatile memory or nonvolatile memory. Once the memory region is identified, the file system identifies the physical location of the data file.
    • 集成电路(IC)模块允许由应用产生的易失性数据存储在易失性存储器中的易失性数据文件中。 文件系统跟踪驻留在易失性存储器或非易失性存储器中的所有数据文件的位置,并且以与在非易失性存储器中访问非易失性数据文件相似的方式便于访问易失性存储器中的易失性数据文件。 文件系统公开了一组应用程序接口(API),以允许应用程序访问数据文件。 使用相同的API来访问易失性数据文件和非易失性数据文件。 当应用程序请求访问数据文件时,文件系统最初确定应用程序是否被授权访问数据文件。 如果是,则文件系统接下来确定数据文件是驻留在易失性存储器还是非易失性存储器中。 一旦存储区域被识别,文件系统就会识别数据文件的物理位置。
    • 10. 发明申请
    • POST TRANSIT SPAM FILTERING
    • 过帐垃圾邮件过滤
    • US20080313285A1
    • 2008-12-18
    • US11763256
    • 2007-06-14
    • Mihai Costea
    • Mihai Costea
    • G06F15/16
    • G06Q10/107G06F21/55G06F2221/2101H04L51/12H04L63/0227
    • A system filters for electronic messages received from recently identified sources of unsolicited spam. A database comprises information regarding electronic messages that were previously received. The information may comprise an identification of the source of the electronic message. A server is programmed to identify sources of unsolicited electronic messages and search the database for electronic messages previously received from the identified source. The server is programmed to attempt to remove the previously received electronic messages originating from the identified source of spam from users' electronic message boxes prior to being viewed by the intended recipients.
    • 系统过滤从最近确定的未经请求的垃圾邮件来源收到的电子信息。 数据库包括关于先前接收的电子消息的信息。 信息可以包括电子消息的来源的标识。 服务器被编程为识别未经请求的电子消息的来源,并且搜索数据库中先前从所识别的源接收到的电子消息。 服务器被编程为在预期的接收者被查看之前尝试从用户的电子消息盒中去除先前接收到的来自所识别的垃圾邮件源的电子消息。