专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130246378A1 PARTIAL HASH SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT 审中-公开
标题翻译：部分哈希系统，方法和计算机程序产品
公开(公告)号：US20130246378A1
公开(公告)日：2013-09-19
申请号：US11742410
申请日：2007-04-30
申请人： Stephen Owen Hearnden , Anthony Vaughan Bartram
发明人： Stephen Owen Hearnden , Anthony Vaughan Bartram
IPC分类号： G06F17/30
CPC分类号： H04L63/12 , G06F21/564 , G06F21/606 , G06F21/64
摘要： A system, method, and computer program product are provided for outputting a signal based on a partial hash comparison. In use, data is identified. In addition, a partial hash is determined utilizing a portion of the data. Further, the partial hash is compared with a plurality of known partial hashes, and an additional hash is conditionally determined based on the comparison. Still yet, a signal is output based on the comparison.
摘要翻译：提供了一种基于部分散列比较输出信号的系统，方法和计算机程序产品。在使用中，数据被识别。另外，使用部分数据来确定部分散列。此外，将部分散列与多个已知的部分散列进行比较，并且基于比较有条件地确定附加散列。仍然，基于比较输出信号。

2. 发明授权

US07558409B2 System and method for identifying a user by grading a digital representation of an analogue form entered by the user 失效
标题翻译：通过对用户输入的模拟形式的数字表示进行分级来识别用户的系统和方法
公开(公告)号：US07558409B2
公开(公告)日：2009-07-07
申请号：US10491248
申请日：2002-09-27
申请人： Anthony Vaughan Bartram
发明人： Anthony Vaughan Bartram
IPC分类号： G06K9/00
CPC分类号： G06K9/00885 , G06K9/00154
摘要： A system for identifying a user by deriving a digital representation of an analogue form entered by the user, the analogue form being distinctive of the user; and by grading the digital representation against a plurality of grades. The grades are defined dependent upon possible variation in the analogue form. The grades ensure the same grading of the analogue form notwithstanding the variation. The graded digital representation constitutes an identification of the user.
摘要翻译：一种用于通过导出由用户输入的模拟形式的数字表示来识别用户的系统，所述模拟形式与用户不同; 并根据多个等级对数字表示进行分级。等级的定义取决于模拟形式的可能变化。尽管有变化，等级确保模拟形式的相同等级。分级数字表示构成用户的标识。

3. 发明授权

US08769692B1 System and method for detecting malware by transforming objects and analyzing different views of objects 有权
标题翻译：通过转换对象和分析对象的不同视图来检测恶意软件的系统和方法
公开(公告)号：US08769692B1
公开(公告)日：2014-07-01
申请号：US13182641
申请日：2011-07-14
申请人： Igor G. Muttik , Anthony Vaughan Bartram
发明人： Igor G. Muttik , Anthony Vaughan Bartram
IPC分类号： G06F12/14 , G06F11/00 , G06F12/16
CPC分类号： G06F21/56 , H04L63/0227 , H04L63/1416 , H04L67/02
摘要： A method in one example implementation includes generating a plurality of transformed views of an object in a network environment and generating a plurality of filtered information sets. The method further includes detecting a suspect correlation based on an analysis of at least some of the plurality of transformed views and of at least some of the plurality of filtered information sets. In a more specific embodiment, the analysis includes an original view of the object. Other more specific embodiments include applying filters to selected views of the object, where each of the filters is associated with a different obfuscation type. Applying the filters includes transforming obfuscation elements in the plurality of transformed views, where the object contains the one or more obfuscation elements.
摘要翻译：一个示例实现中的方法包括在网络环境中生成对象的多个变换视图并生成多个经滤波的信息集。该方法还包括基于对多个经变换的视图中的至少一些和多个经过滤的信息集中的至少一些的分析来检测可疑的相关性。在更具体的实施例中，分析包括对象的原始视图。其他更具体的实施例包括将滤波器应用于对象的所选视图，其中每个滤波器与不同的混淆类型相关联。应用过滤器包括在多个变换视图中转换混淆元素，其中对象包含一个或多个混淆元素。

4. 发明授权

US08555382B2 Method and system for automatic invariant byte sequence discovery for generic detection 有权
标题翻译：用于一般检测的自动不变字节序列发现的方法和系统
公开(公告)号：US08555382B2
公开(公告)日：2013-10-08
申请号：US12820717
申请日：2010-06-22
申请人： Irene Michlin , Anthony Vaughan Bartram
发明人： Irene Michlin , Anthony Vaughan Bartram
IPC分类号： G06F11/00
CPC分类号： G06F21/564
摘要： A method for creating a set of genericized signatures for detection of byte sequences in computer code includes accessing a first set of sample signatures, determining a maximum number of wildcards that a wildcarded signature may comprise, determining a first wildcarded signature corresponding to the first set of sample signatures, evaluating the first wildcarded signature, and repeating the steps of evaluating for any second wildcarded signatures. Each of the signatures corresponds to an instance of malware. The evaluation further includes if the number of wildcards in the first wildcarded signature exceeds the maximum number of wildcards, determining a plurality of second wildcarded signatures corresponding to a plurality of subsets of the set of sample signatures. The evaluation further includes if the number of wildcards in the first wildcarded signature is less than or equal to the maximum number of wildcards, adding the first wildcarded signature to a set of genericized signatures.
摘要翻译：用于创建用于检测计算机代码中的字节序列的一组通用签名的方法包括访问第一组样本签名，确定通配签名可以包含的通配符的最大数量，确定与第一组通配符相对应的第一通配签名样本签名，评估第一个通配符号，并重复评估任何第二个通配签名的步骤。每个签名对应于恶意软件的实例。评估还包括如果第一通配签名中的通配符的数量超过通配符的最大数量，则确定与该组样本签名的多个子集相对应的多个第二通配签名。评估还包括如果第一通配符号中的通配符的数量小于或等于通配符的最大数目，则将第一通配符号添加到一组通用签名。

5. 发明申请

US20110314545A1 METHOD AND SYSTEM FOR AUTOMATIC INVARIANT BYTE SEQUENCE DISCOVERY FOR GENERIC DETECTION 有权
标题翻译：用于通用检测的自动不定期字节序列发现的方法和系统
公开(公告)号：US20110314545A1
公开(公告)日：2011-12-22
申请号：US12820717
申请日：2010-06-22
申请人： Irene Michlin , Anthony Vaughan Bartram
发明人： Irene Michlin , Anthony Vaughan Bartram
IPC分类号： G06F11/00 , G06F21/00
CPC分类号： G06F21/564
摘要： A method for creating a set of genericized signatures for detection of byte sequences in computer code includes accessing a first set of sample signatures, determining a maximum number of wildcards that a wildcarded signature may comprise, determining a first wildcarded signature corresponding to the first set of sample signatures, evaluating the first wildcarded signature, and repeating the steps of evaluating for any second wildcarded signatures. Each of the signatures corresponds to an instance of malware. The evaluation further includes if the number of wildcards in the first wildcarded signature exceeds the maximum number of wildcards, determining a plurality of second wildcarded signatures corresponding to a plurality of subsets of the set of sample signatures. The evaluation further includes if the number of wildcards in the first wildcarded signature is less than or equal to the maximum number of wildcards, adding the first wildcarded signature to a set of genericized signatures.
摘要翻译：用于创建用于检测计算机代码中的字节序列的一组通用签名的方法包括访问第一组样本签名，确定通配签名可以包含的通配符的最大数量，确定与第一组通配符相对应的第一通配签名样本签名，评估第一个通配符号，并重复评估任何第二个通配符号的步骤。每个签名对应于恶意软件的实例。评估还包括如果第一通配签名中的通配符的数量超过通配符的最大数量，则确定与该组样本签名的多个子集相对应的多个第二通配签名。评估还包括如果第一通配符号中的通配符的数量小于或等于通配符的最大数目，则将第一通配符号添加到一组通用签名。

6. 发明申请

US20110219002A1 METHOD AND SYSTEM FOR DISCOVERING LARGE CLUSTERS OF FILES THAT SHARE SIMILAR CODE TO DEVELOP GENERIC DETECTIONS OF MALWARE 审中-公开
标题翻译：发现大型文件集的方法和系统，分类类似代码，以开发恶意代码的一般检测
公开(公告)号：US20110219002A1
公开(公告)日：2011-09-08
申请号：US12718683
申请日：2010-03-05
申请人： Anthony Vaughan Bartram , Adrian M. Dunbar
发明人： Anthony Vaughan Bartram , Adrian M. Dunbar
IPC分类号： G06F17/30
CPC分类号： G06K9/6215
摘要： A computer-implemented method for determining similarities between system executable objects includes the steps of determining with one or more computing systems a plurality of subsequences of operation codes in a plurality of disassembled system executable objects, for each subsequence, determining with the one or more computing systems a first set of system executable objects associated with the subsequence, with the computing systems, clustering the first set of system executable objects with a cluster. The cluster includes a set of system executable objects. The step of clustering the first set of system executable objects and the cluster includes the steps of determining with the computing systems the relative similarity between the first set of system executable objects and the cluster, and if the first set of system executable objects is similar to the cluster, adding with the computing systems the system executable objects to the cluster.
摘要翻译：用于确定系统可执行对象之间的相似性的计算机实现的方法包括以下步骤：对于每个子序列，针对每个子序列，使用一个或多个计算系统确定多个反汇编的系统可执行对象中的多个操作代码的子序列，与计算系统一起系统地与子序列相关联的第一组系统可执行对象，用集群将第一组系统可执行对象集群。集群包括一组系统可执行对象。对第一组系统可执行对象和集群进行聚类的步骤包括以下步骤：使用计算系统确定第一组系统可执行对象与集群之间的相对相似度，以及如果第一组系统可执行对象类似于集群，将计算系统添加到集群的系统可执行对象。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式