专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US08881282B1 Systems and methods for malware attack detection and identification 有权
标题翻译：用于恶意软件攻击检测和识别的系统和方法
公开(公告)号：US08881282B1
公开(公告)日：2014-11-04
申请号：US11717476
申请日：2007-03-12
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F11/30 , G06F21/00 , G06F9/00
CPC分类号： G06F21/00 , G06F9/00 , G06F9/455 , G06F21/554 , G06F21/56 , H04L63/145 , H04L63/1491
摘要： Exemplary systems and methods for malware attack detection and identification are provided. A malware detection and identification system can comprise a controller. The controller can comprise an analysis environment configured to transmit network data to a virtual machine, flag input values associated with the network data from untrusted sources, monitor the flagged input values within the virtual machine, identify an outcome of one or more instructions that manipulate the flagged input values, and determine if the outcome of the one or more instructions comprise an unauthorized activity.
摘要翻译：提供了用于恶意软件攻击检测和识别的示例性系统和方法。恶意软件检测和识别系统可以包括控制器。控制器可以包括配置成将网络数据发送到虚拟机的分析环境，标识与来自不可信源的网络数据相关联的输入值，监视虚拟机内的标记输入值，识别操纵该虚拟机的一个或多个指令的结果标记的输入值，并且确定一个或多个指令的结果是否包括未经授权的活动。

12. 发明授权

US08566946B1 Malware containment on connection 有权
标题翻译：连接恶意软体
公开(公告)号：US08566946B1
公开(公告)日：2013-10-22
申请号：US11717475
申请日：2007-03-12
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F13/30
CPC分类号： G06F21/568 , G06F21/554 , G06F21/56 , G06F2009/45591 , H04L63/145 , H04L63/1491
摘要： Systems and methods for malware containment on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is temporarily directed to a controller which then analyzes the network data to identify unauthorized activity and/or malware within the newly connected digital device. An exemplary method to contain malware comprises detecting a digital device upon connection with a communication network, temporarily redirecting network data from the digital device for a predetermined period of time, and analyzing the network data to identify malware within the digital device.
摘要翻译：提供了连接恶意软件包含系统和方法。连接到通信网络时，数字设备被隔离预定的时间段。当数字设备被隔离时，由数字设备发送的所有网络数据被临时指向控制器，控制器然后分析网络数据以识别新连接的数字设备内的未经授权的活动和/或恶意软件。包含恶意软件的示例性方法包括在与通信网络连接时检测数字设备，在预定时间段内临时地重定向来自数字设备的网络数据，以及分析网络数据以识别数字设备内的恶意软件。

13. 发明授权

US08171553B2 Heuristic based capture with replay to virtual machine 有权
标题翻译：基于启发式捕获，重放到虚拟机
公开(公告)号：US08171553B2
公开(公告)日：2012-05-01
申请号：US11409355
申请日：2006-04-20
申请人： Ashar Aziz , Adrian Drzewiecki , Ramesh Radhakrishnan , Jayaraman Manni , Muhammad Amin
发明人： Ashar Aziz , Adrian Drzewiecki , Ramesh Radhakrishnan , Jayaraman Manni , Muhammad Amin
IPC分类号： G06F11/30 , G06F12/14
CPC分类号： H04L63/1425 , G06F9/45537 , G06F9/45558 , G06F21/53 , G06F21/55 , G06F21/554 , G06F21/56 , G06F21/566 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/034 , H04L63/0227 , H04L63/10 , H04L63/101 , H04L63/1408 , H04L63/1416 , H04L63/1433 , H04L63/145 , H04L63/1491 , H04L63/20
摘要： A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic to flag the network data as suspicious, and simulate transmission of the network data to a destination device.
摘要翻译：可疑活动捕获系统可以包括被配置为从通信网络复制网络数据的分接头和控制器。控制器耦合到抽头，并被配置为从抽头接收网络数据的副本，用启发式分析网络数据的副本以将网络数据标记为可疑，并且模拟网络数据到目的地的传输设备。

14. 发明申请

US20110078794A1 Network-Based Binary File Extraction and Analysis for Malware Detection 有权
标题翻译：基于网络的二进制文件提取和分析恶意软件检测
公开(公告)号：US20110078794A1
公开(公告)日：2011-03-31
申请号：US12571294
申请日：2009-09-30
申请人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Amin Sukhera
发明人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Amin Sukhera
IPC分类号： G06F11/00
CPC分类号： G06F21/567 , G06F21/566 , H04L63/1408
摘要： A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.
摘要翻译：公开了用于恶意软件检测的基于网络的文件分析的系统和方法。从网络点击接收网络内容。在网络内容中识别二进制数据包。从网络内容中提取包含二进制数据包的二进制文件。确定提取的二进制文件是否被检测为恶意软件。

15. 发明授权

US08832829B2 Network-based binary file extraction and analysis for malware detection 有权
标题翻译：基于网络的二进制文件提取和分析，用于恶意软件检测
公开(公告)号：US08832829B2
公开(公告)日：2014-09-09
申请号：US12571294
申请日：2009-09-30
申请人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Muhammad Amin
发明人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Muhammad Amin
IPC分类号： G06F11/00 , G06F21/56 , H04L29/06
CPC分类号： G06F21/567 , G06F21/566 , H04L63/1408
摘要： A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.
摘要翻译：公开了用于恶意软件检测的基于网络的文件分析的系统和方法。从网络点击接收网络内容。在网络内容中识别二进制数据包。从网络内容中提取包含二进制数据包的二进制文件。确定提取的二进制文件是否被检测为恶意软件。

16. 发明授权

US08539582B1 Malware containment and security analysis on connection 有权
标题翻译：连接恶意软件包含和安全性分析
公开(公告)号：US08539582B1
公开(公告)日：2013-09-17
申请号：US11717408
申请日：2007-03-12
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G08B23/00 , H04L29/06
CPC分类号： G06F21/554 , G06F9/45558 , G06F21/56 , G06F2009/45587 , H04L63/14 , H04L63/145 , H04L63/1491
摘要： Systems and methods for malware containment and security analysis on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is directed to a controller which then analyzes the network data to identify unauthorized activity and/or malware within the newly connected digital device. An exemplary method to contain malware includes detecting a digital device upon connection with a communication network, quarantining network data from the digital device for a predetermined period of time, transmitting a command to the digital device to activate a security program to identify security risks, and analyzing the network data to identify malware within the digital device.
摘要翻译：提供了连接恶意软件包含和安全分析的系统和方法。连接到通信网络时，数字设备被隔离预定的时间段。当数字设备被隔离时，由数字设备发送的所有网络数据被引导到控制器，控制器然后分析网络数据以识别新连接的数字设备内的未经授权的活动和/或恶意软件。包含恶意软件的示例性方法包括在与通信网络连接时检测数字设备，在预定时间段内从数字设备隔离网络数据，向数字设备发送命令以激活安全程序以识别安全风险;以及分析网络数据以识别数字设备内的恶意软件。

17. 发明授权

US08291499B2 Policy based capture with replay to virtual machine 有权
标题翻译：基于策略的捕获，重播到虚拟机
公开(公告)号：US08291499B2
公开(公告)日：2012-10-16
申请号：US13423057
申请日：2012-03-16
申请人： Ashar Aziz , Adrian Drzewiecki , Ramesh Radhakrishnan , Jayaraman Manni , Muhammad Amin
发明人： Ashar Aziz , Adrian Drzewiecki , Ramesh Radhakrishnan , Jayaraman Manni , Muhammad Amin
IPC分类号： G06F11/30 , G06F12/14
CPC分类号： H04L63/1425 , G06F9/45537 , G06F9/45558 , G06F21/53 , G06F21/55 , G06F21/554 , G06F21/56 , G06F21/566 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/034 , H04L63/0227 , H04L63/10 , H04L63/101 , H04L63/1408 , H04L63/1416 , H04L63/1433 , H04L63/145 , H04L63/1491 , H04L63/20
摘要： A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data to flag the network data as suspicious, and simulate transmission of the network data to a destination device.
摘要翻译：可疑活动捕获系统可以包括被配置为从通信网络复制网络数据的分接头和控制器。控制器耦合到抽头，并被配置为从分接头接收网络数据的副本，分析网络数据的副本以将网络数据标记为可疑，并且模拟网络数据到目的地设备的传输。

18. 发明授权

US08204984B1 Systems and methods for detecting encrypted bot command and control communication channels 有权
标题翻译：检测加密bot命令和控制通信信道的系统和方法
公开(公告)号：US08204984B1
公开(公告)日：2012-06-19
申请号：US11998750
申请日：2007-11-30
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F15/16
CPC分类号： H04L63/1416 , H04L63/0227 , H04L63/145 , H04L63/20 , H04L2463/144
摘要： Methods and systems for detecting encrypted bot command and control communication channels are provided. In the exemplary method, the presence of a communication channel between a first network device and a second network device is monitored. Active and inactive periods of the network device are detected and a reverse channel is determined based on the detection. The first network device may then be flagged as potentially infected or suspected based on the reverse channel determination.
摘要翻译：提供了检测加密僵尸命令和控制通信信道的方法和系统。在示例性方法中，监视在第一网络设备和第二网络设备之间的通信信道的存在。检测网络设备的有效和非活动时段，并根据检测确定反向信道。然后可以基于反向信道确定将第一网络设备标记为潜在感染或怀疑。

19. 发明申请

US20100192223A1 Detecting Malicious Network Content Using Virtual Environment Components 有权
标题翻译：使用虚拟环境组件检测恶意网络内容
公开(公告)号：US20100192223A1
公开(公告)日：2010-07-29
申请号：US12359252
申请日：2009-01-23
申请人： Osman Abdoul Ismael , Samuel Yie , Jayaraman Manni , Muhammad Amin , Bahman Mahbod
发明人： Osman Abdoul Ismael , Samuel Yie , Jayaraman Manni , Muhammad Amin , Bahman Mahbod
IPC分类号： G06F11/00
CPC分类号： H04L63/145 , G06F9/455 , G06F21/53 , G06F21/566 , G06F2221/2101 , G06F2221/2149 , H04L63/1408 , H04L63/1416 , H04L2463/144
摘要： Malicious network content is identified based on the behavior of one or more virtual environment components which process network content in a virtual environment. Network content can be monitored and analyzed using a set of heuristics. The heuristics identify suspicious network content communicated over a network. The suspicious network content can further be analyzed in a virtual environment that includes one or more virtual environment components. Each virtual environment component is configured to mimic live environment components, for example a browser application component or an operating system component. The suspicious network content is replayed in the virtual environment using one or more of the virtual environment components. The virtual environment component behavior is analyzed in view of an expected behavior to identify malicious network content. The malicious network content is then identified and processed.
摘要翻译：基于在虚拟环境中处理网络内容的一个或多个虚拟环境组件的行为来识别恶意网络内容。可以使用一组启发式方法来监控和分析网络内容。启发式识别通过网络传送的可疑网络内容。可疑网络内容可以在包括一个或多个虚拟环境组件的虚拟环境中进一步分析。每个虚拟环境组件都配置为模拟实时环境组件，例如浏览器应用程序组件或操作系统组件。使用一个或多个虚拟环境组件在虚拟环境中重播可疑网络内容。鉴于预期的行为来分析虚拟环境组件行为，以识别恶意网络内容。然后识别和处理恶意网络内容。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式