专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US08561177B1 Systems and methods for detecting communication channels of bots 有权
标题翻译：用于检测漫游器通信信道的系统和方法
公开(公告)号：US08561177B1
公开(公告)日：2013-10-15
申请号：US11998605
申请日：2007-11-30
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F21/00
CPC分类号： G06F21/554 , G06F21/56 , G06F2009/45591 , H04L63/145 , H04L63/1491 , H04L2463/144
摘要： Exemplary systems and methods for detecting a communication channel of a bot. In exemplary embodiments, presence of a communication channel between a first network device and a second network device is detected. Data from the communication channel is scanned and used to determine if a suspected bot communication exists. If a bot communication is detected, then a recovery process may be initiated.
摘要翻译：用于检测机器人的通信信道的示例性系统和方法。在示例性实施例中，检测在第一网络设备和第二网络设备之间存在通信信道。来自通信信道的数据被扫描并用于确定是否存在可疑的机器人通信。如果检测到机器人通信，则可以启动恢复过程。

12. 发明申请

US20120117652A1 Network-Based Binary File Extraction and Analysis for Malware Detection 有权
标题翻译：基于网络的二进制文件提取和分析恶意软件检测
公开(公告)号：US20120117652A1
公开(公告)日：2012-05-10
申请号：US13350645
申请日：2012-01-13
申请人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Amin Sukhera
发明人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Amin Sukhera
IPC分类号： G06F12/14
CPC分类号： G06F21/567 , G06F21/566 , H04L63/1408
摘要： A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.
摘要翻译：公开了用于恶意软件检测的基于网络的文件分析的系统和方法。从网络点击接收网络内容。在网络内容中识别二进制数据包。从网络内容中提取包含二进制数据包的二进制文件。确定提取的二进制文件是否被检测为恶意软件。

13. 发明授权

US08881282B1 Systems and methods for malware attack detection and identification 有权
标题翻译：用于恶意软件攻击检测和识别的系统和方法
公开(公告)号：US08881282B1
公开(公告)日：2014-11-04
申请号：US11717476
申请日：2007-03-12
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F11/30 , G06F21/00 , G06F9/00
CPC分类号： G06F21/00 , G06F9/00 , G06F9/455 , G06F21/554 , G06F21/56 , H04L63/145 , H04L63/1491
摘要： Exemplary systems and methods for malware attack detection and identification are provided. A malware detection and identification system can comprise a controller. The controller can comprise an analysis environment configured to transmit network data to a virtual machine, flag input values associated with the network data from untrusted sources, monitor the flagged input values within the virtual machine, identify an outcome of one or more instructions that manipulate the flagged input values, and determine if the outcome of the one or more instructions comprise an unauthorized activity.
摘要翻译：提供了用于恶意软件攻击检测和识别的示例性系统和方法。恶意软件检测和识别系统可以包括控制器。控制器可以包括配置成将网络数据发送到虚拟机的分析环境，标识与来自不可信源的网络数据相关联的输入值，监视虚拟机内的标记输入值，识别操纵该虚拟机的一个或多个指令的结果标记的输入值，并且确定一个或多个指令的结果是否包括未经授权的活动。

14. 发明授权

US08566946B1 Malware containment on connection 有权
标题翻译：连接恶意软体
公开(公告)号：US08566946B1
公开(公告)日：2013-10-22
申请号：US11717475
申请日：2007-03-12
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F13/30
CPC分类号： G06F21/568 , G06F21/554 , G06F21/56 , G06F2009/45591 , H04L63/145 , H04L63/1491
摘要： Systems and methods for malware containment on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is temporarily directed to a controller which then analyzes the network data to identify unauthorized activity and/or malware within the newly connected digital device. An exemplary method to contain malware comprises detecting a digital device upon connection with a communication network, temporarily redirecting network data from the digital device for a predetermined period of time, and analyzing the network data to identify malware within the digital device.
摘要翻译：提供了连接恶意软件包含系统和方法。连接到通信网络时，数字设备被隔离预定的时间段。当数字设备被隔离时，由数字设备发送的所有网络数据被临时指向控制器，控制器然后分析网络数据以识别新连接的数字设备内的未经授权的活动和/或恶意软件。包含恶意软件的示例性方法包括在与通信网络连接时检测数字设备，在预定时间段内临时地重定向来自数字设备的网络数据，以及分析网络数据以识别数字设备内的恶意软件。

15. 发明申请

US20110078794A1 Network-Based Binary File Extraction and Analysis for Malware Detection 有权
标题翻译：基于网络的二进制文件提取和分析恶意软件检测
公开(公告)号：US20110078794A1
公开(公告)日：2011-03-31
申请号：US12571294
申请日：2009-09-30
申请人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Amin Sukhera
发明人： Jayaraman Manni , Ashar Aziz , Fengmin Gong , Upendran Loganathan , Amin Sukhera
IPC分类号： G06F11/00
CPC分类号： G06F21/567 , G06F21/566 , H04L63/1408
摘要： A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.
摘要翻译：公开了用于恶意软件检测的基于网络的文件分析的系统和方法。从网络点击接收网络内容。在网络内容中识别二进制数据包。从网络内容中提取包含二进制数据包的二进制文件。确定提取的二进制文件是否被检测为恶意软件。

16. 发明授权

US07237077B1 Tool for disk image replication 有权
标题翻译：磁盘映像复制工具
公开(公告)号：US07237077B1
公开(公告)日：2007-06-26
申请号：US10731681
申请日：2003-12-08
申请人： Martin Patterson , Shriram Krishnan , Jayaraman Manni , Benjamin H. Stoltz
发明人： Martin Patterson , Shriram Krishnan , Jayaraman Manni , Benjamin H. Stoltz
IPC分类号： G06F12/00
CPC分类号： G06F3/065 , G06F3/0607 , G06F3/067
摘要： A method and apparatus for replicating an image from a source to a destination disk are provided. Specific embodiments may be optimized for single source to multiple destination replication requests, for example. In one embodiment, the present invention provides tools and techniques for synchronous data replication responsive to asynchronous same-source-to-different-destination replication requests.
摘要翻译：提供了用于将图像从源复制到目的地盘的方法和装置。例如，针对单个源到多个目的地复制请求可以优化特定实施例。在一个实施例中，本发明提供响应于异步同源到不同目的地复制请求的同步数据复制的工具和技术。

17. 发明授权

US08539582B1 Malware containment and security analysis on connection 有权
标题翻译：连接恶意软件包含和安全性分析
公开(公告)号：US08539582B1
公开(公告)日：2013-09-17
申请号：US11717408
申请日：2007-03-12
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G08B23/00 , H04L29/06
CPC分类号： G06F21/554 , G06F9/45558 , G06F21/56 , G06F2009/45587 , H04L63/14 , H04L63/145 , H04L63/1491
摘要： Systems and methods for malware containment and security analysis on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is directed to a controller which then analyzes the network data to identify unauthorized activity and/or malware within the newly connected digital device. An exemplary method to contain malware includes detecting a digital device upon connection with a communication network, quarantining network data from the digital device for a predetermined period of time, transmitting a command to the digital device to activate a security program to identify security risks, and analyzing the network data to identify malware within the digital device.
摘要翻译：提供了连接恶意软件包含和安全分析的系统和方法。连接到通信网络时，数字设备被隔离预定的时间段。当数字设备被隔离时，由数字设备发送的所有网络数据被引导到控制器，控制器然后分析网络数据以识别新连接的数字设备内的未经授权的活动和/或恶意软件。包含恶意软件的示例性方法包括在与通信网络连接时检测数字设备，在预定时间段内从数字设备隔离网络数据，向数字设备发送命令以激活安全程序以识别安全风险;以及分析网络数据以识别数字设备内的恶意软件。

18. 发明授权

US08204984B1 Systems and methods for detecting encrypted bot command and control communication channels 有权
标题翻译：检测加密bot命令和控制通信信道的系统和方法
公开(公告)号：US08204984B1
公开(公告)日：2012-06-19
申请号：US11998750
申请日：2007-11-30
申请人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
发明人： Ashar Aziz , Wei-Lung Lai , Jayaraman Manni
IPC分类号： G06F15/16
CPC分类号： H04L63/1416 , H04L63/0227 , H04L63/145 , H04L63/20 , H04L2463/144
摘要： Methods and systems for detecting encrypted bot command and control communication channels are provided. In the exemplary method, the presence of a communication channel between a first network device and a second network device is monitored. Active and inactive periods of the network device are detected and a reverse channel is determined based on the detection. The first network device may then be flagged as potentially infected or suspected based on the reverse channel determination.
摘要翻译：提供了检测加密僵尸命令和控制通信信道的方法和系统。在示例性方法中，监视在第一网络设备和第二网络设备之间的通信信道的存在。检测网络设备的有效和非活动时段，并根据检测确定反向信道。然后可以基于反向信道确定将第一网络设备标记为潜在感染或怀疑。

19. 发明授权

US07657615B1 Approach for provisioning network devices 有权
标题翻译：方法来配置网络设备
公开(公告)号：US07657615B1
公开(公告)日：2010-02-02
申请号：US10731889
申请日：2003-12-08
申请人： Martin Patterson , Jayaraman Manni , Shriram Krishnan , Benjamin H. Stoltz , Christopher T. La
发明人： Martin Patterson , Jayaraman Manni , Shriram Krishnan , Benjamin H. Stoltz , Christopher T. La
IPC分类号： G06F15/177
CPC分类号： G06F9/4416
摘要： An approach for provisioning network devices generally involves supplying boot data to network devices over a network so that the network devices can be booted up in an imaging mode or an application mode, depending upon the particular boot data supplied to the network device. When booted up in the imaging mode, imaging data can be downloaded and stored on network devices. When booted up in the application mode, the network devices execute one or more programs contained in the image data stored on the network devices. The first and second boot data may be in the form of boot loader scripts. Furthermore, the first and second boot data may be provided to the network device in the payload of a dynamic host configuration protocol (DHCP) reply. The DHCP reply may be generated and provided by a DHCP server to the network device in response to receiving a DHCP request from the network device. The approach may be implemented using a secure network environment.
摘要翻译：用于配置网络设备的方法通常涉及通过网络向网络设备提供引导数据，使得根据提供给网络设备的特定引导数据，网络设备可以以成像模式或应用模式启动。当以成像模式启动时，成像数据可以下载并存储在网络设备上。当在应用模式下启动时，网络设备执行包含在存储在网络设备上的图像数据中的一个或多个程序。第一和第二引导数据可以是引导加载程序脚本的形式。此外，可以在动态主机配置协议（DHCP）应答的有效载荷中将第一和第二引导数据提供给网络设备。响应于从网络设备接收到DHCP请求，DHCP响应可以由DHCP服务器生成并提供给网络设备。该方法可以使用安全网络环境来实现。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式