专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20140101764A1 METHODS AND APPARATUS TO DETECT RISKS USING APPLICATION LAYER PROTOCOL HEADERS 有权
标题翻译：使用应用层协议头来检测风险的方法和设备
公开(公告)号：US20140101764A1
公开(公告)日：2014-04-10
申请号：US13839810
申请日：2013-03-15
申请人： Rodrigo Ribeiro Montoro
发明人： Rodrigo Ribeiro Montoro
IPC分类号： G06F21/56
CPC分类号： G06F21/56 , H04L63/145 , H04L67/02
摘要： Methods, apparatus, systems and articles of manufacture to detect risks using application protocol headers are disclosed. An example method includes extracting characteristics from a header of a received hypertext transport protocol (HTTP) request, determining a first score corresponding to a first characteristic of the characteristics, determining a second score corresponding to a second characteristic of the characteristics, adding the first score and the second score to determine a combined score, and indicating that the received HTTP request is malware when the combined score meets a threshold.
摘要翻译：公开了使用应用协议报头来检测风险的方法，装置，系统和制品。一种示例性方法包括从接收的超文本传输协议（HTTP）请求的报头中提取特征，确定与特征的第一特征相对应的第一分数，确定对应于特征的第二特征的第二分数，将第一分数以及第二分数以确定组合分数，并且当组合分数满足阈值时，指示所接收的HTTP请求是恶意软件。

2. 发明授权

US09177142B2 Identification of electronic documents that are likely to contain embedded malware 有权
标题翻译：识别可能包含嵌入式恶意软件的电子文档
公开(公告)号：US09177142B2
公开(公告)日：2015-11-03
申请号：US13274077
申请日：2011-10-14
申请人： Rodrigo Ribeiro Montoro
发明人： Rodrigo Ribeiro Montoro
IPC分类号： G06F21/56
CPC分类号： G06F21/562
摘要： The present invention provides a method for determining the likelihood that an electronic document contains embedded malware. After parsing or sequencing an electronic document, the metadata structures that make up the document are analyzed. A number of pre-established rules are then applied with respect to certain metadata structures that are indicative of embedded malware. The application of these rules results in the generation of a score for the electronic document being tested for embedded malware. The score is then compared to a threshold value, where the threshold value was previously generated based on a statistical model relating to electronic documents having the same format as the document being tested. The result of the comparison can then be used to determine whether the document being tested is or is not likely to contain embedded malware.
摘要翻译：本发明提供了一种用于确定电子文档包含嵌入式恶意软件的可能性的方法。分析或排序电子文档后，分析组成文档的元数据结构。然后针对指示嵌入式恶意软件的某些元数据结构应用许多预先建立的规则。这些规则的应用导致为嵌入式恶意软件测试的电子文档生成分数。然后将分数与阈值进行比较，其中基于与具有与被测试文档相同格式的电子文档的统计模型，先前生成阈值。然后可以使用比较的结果来确定被测试的文档是否或不可能包含嵌入式恶意软件。

3. 发明申请

US20130097705A1 IDENTIFICATION OF ELECTRONIC DOCUMENTS THAT ARE LIKELY TO CONTAIN EMBEDDED MALWARE 有权
标题翻译：识别包含嵌入式恶意软件的电子文件
公开(公告)号：US20130097705A1
公开(公告)日：2013-04-18
申请号：US13274077
申请日：2011-10-14
申请人： Rodrigo Ribeiro Montoro
发明人： Rodrigo Ribeiro Montoro
IPC分类号： G06F21/00
CPC分类号： G06F21/562
摘要： The present invention provides a method for determining the likelihood that an electronic document contains embedded malware. After parsing or sequencing an electronic document, the metadata structures that make up the document are analyzed. A number of pre-established rules are then applied with respect to certain metadata structures that are indicative of embedded malware. The application of these rules results in the generation of a score for the electronic document being tested for embedded malware. The score is then compared to a threshold value, where the threshold value was previously generated based on a statistical model relating to electronic documents having the same format as the document being tested. The result of the comparison can then be used to determine whether the document being tested is or is not likely to contain embedded malware.
摘要翻译：本发明提供了一种用于确定电子文档包含嵌入式恶意软件的可能性的方法。分析或排序电子文档后，分析组成文档的元数据结构。然后针对指示嵌入式恶意软件的某些元数据结构应用许多预先建立的规则。这些规则的应用导致为嵌入式恶意软件测试的电子文档生成分数。然后将分数与阈值进行比较，其中基于与具有与被测试文档相同格式的电子文档的统计模型，先前生成阈值。然后可以使用比较的结果来确定被测试的文档是否或不可能包含嵌入式恶意软件。

4. 发明授权

US09135439B2 Methods and apparatus to detect risks using application layer protocol headers 有权
标题翻译：使用应用层协议头来检测风险的方法和设备
公开(公告)号：US09135439B2
公开(公告)日：2015-09-15
申请号：US13839810
申请日：2013-03-15
申请人： Rodrigo Ribeiro Montoro
发明人： Rodrigo Ribeiro Montoro
IPC分类号： G06F21/56 , H04L29/06 , H04L29/08
CPC分类号： G06F21/56 , H04L63/145 , H04L67/02
摘要： Methods, apparatus, systems and articles of manufacture to detect risks using application protocol headers are disclosed. An example method includes extracting characteristics from a header of a received hypertext transport protocol (HTTP) request, determining a first score corresponding to a first characteristic of the characteristics, determining a second score corresponding to a second characteristic of the characteristics, adding the first score and the second score to determine a combined score, and indicating that the received HTTP request is malware when the combined score meets a threshold.
摘要翻译：公开了使用应用协议报头来检测风险的方法，装置，系统和制品。一种示例性方法包括从接收的超文本传输协议（HTTP）请求的报头中提取特征，确定与特征的第一特征相对应的第一分数，确定对应于特征的第二特征的第二分数，将第一分数以及第二分数以确定组合分数，并且当组合分数满足阈值时，指示接收到的HTTP请求是恶意软件。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式