专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07861300B2 Method and apparatus for determination of the non-replicative behavior of a malicious program 有权
标题翻译：用于确定恶意程序的非复制行为的方法和装置
公开(公告)号：US07861300B2
公开(公告)日：2010-12-28
申请号：US12141165
申请日：2008-06-18
申请人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
发明人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
IPC分类号： G06F11/00
CPC分类号： G06F21/566
摘要： Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for determining a non-replicative behavior of a program that is suspected of containing an undesirable software entity. The process causes execution of the program in at least one known environment and automatically examines the at least one known environment to detect if a change has occurred in the environment as a result of the execution of the program. If a change is detected, the process automatically analyzes the detected change (i.e., the process performs a side effects analysis) to determine if the change resulted from execution of the program or from execution of the undesirable software entity. The process then uses the result of the analysis at least for undoing a detected change that results from execution of the undesirable software entity. The result of the analysis can also be used for informing a user of an anti-virus system of the non-replicative changes made to the environment.
摘要翻译：公开了一种方法，计算机系统和计算机可读介质产品，其包含一组计算机可执行软件指令，用于指导计算机系统执行用于确定怀疑含有不期望的软件的程序的非复制行为的过程实体。该过程导致在至少一个已知环境中执行该程序，并且自动检查该至少一个已知环境以检测由于该程序的执行而在该环境中是否发生了改变。如果检测到改变，则该过程自动分析检测到的变化（即，过程执行副作用分析），以确定改变是由执行程序还是由不期望的软件实体的执行引起。该过程然后使用分析结果至少用于撤销由不期望的软件实体的执行导致的检测到的改变。分析的结果也可以用于向用户通知反病毒系统对环境的非复制变化。

2. 发明授权

US07487543B2 Method and apparatus for the automatic determination of potentially worm-like behavior of a program 有权
标题翻译：用于自动确定程序的潜在蠕虫状行为的方法和装置
公开(公告)号：US07487543B2
公开(公告)日：2009-02-03
申请号：US10202517
申请日：2002-07-23
申请人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
发明人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
IPC分类号： G08B23/00 , G06F15/18 , G06F12/14 , H04L9/00
CPC分类号： G06F21/51
摘要： A method and system for the automatic determination of the behavioral profile of a program suspected of having worm-like characteristics includes analyzing data processing system resources required by the program and, if the required resources are not indicative of the program having worm-like characteristics, running the program in a controlled non-network environment while monitoring and logging accesses to system resources to determine the behavior of the program in the non-network environment. A logged record of the observed behavior is analyzed to determine if the behavior is indicative of the program having worm-like characteristics. The non-network environment may simulate the appearance of a network to the program, without emulating the operation of the network.
摘要翻译：用于自动确定涉嫌具有蠕虫特征的程序的行为特征的方法和系统包括分析程序所需的数据处理系统资源，并且如果所需资源不表示具有蠕虫状特征的程序，在受控的非网络环境中运行程序，同时监视和记录对系统资源的访问，以确定非网络环境中程序的行为。分析观察行为的记录记录，以确定行为是否表明具有蠕虫状特征的程序。非网络环境可以模拟网络对程序的外观，而不模拟网络的操作。

3. 发明授权

US08458694B2 Hypervisor with cloning-awareness notifications 有权
标题翻译：具有克隆感知通知的管理程序
公开(公告)号：US08458694B2
公开(公告)日：2013-06-04
申请号：US11741975
申请日：2007-04-30
申请人： David M. Chess , Sean L. Dague , Ronald T. Goering , Hidayatullah H. Shaikh , Ian N. Whalley , Steve R. White , Jian Yin
发明人： David M. Chess , Sean L. Dague , Ronald T. Goering , Hidayatullah H. Shaikh , Ian N. Whalley , Steve R. White , Jian Yin
IPC分类号： G06F9/455
CPC分类号： G06F9/45558 , G06F8/63 , G06F2009/45587 , G06F2221/2101
摘要： A method, information processing system, and computer readable medium for managing virtual machine imaging. The method includes receiving a request for an imaging operation associated with at least one virtual machine. A notification is sent to at least one operating system associated with the at least one virtual machine of the request for the imaging operation. The operating system is determined to be in a state for the virtual machine to be imaged. The request for the imaging operation is granting in response to determining.
摘要翻译：一种用于管理虚拟机成像的方法，信息处理系统和计算机可读介质。该方法包括接收与至少一个虚拟机相关联的成像操作的请求。将通知发送到与成像操作的请求的至少一个虚拟机相关联的至少一个操作系统。操作系统被确定为处于使虚拟机成像的状态。对成像操作的请求是响应于确定而授予的。

4. 发明授权

US07996905B2 Method and apparatus for the automatic determination of potentially worm-like behavior of a program 有权
标题翻译：用于自动确定程序潜在的蠕虫状行为的方法和装置
公开(公告)号：US07996905B2
公开(公告)日：2011-08-09
申请号：US12062152
申请日：2008-04-03
申请人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
发明人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
IPC分类号： G06F12/14 , H04L29/06 , G06F11/30
CPC分类号： G06F21/51
摘要： A method and system for the automatic determination of the behavioral profile of a program suspected of having worm-like characteristics includes analyzing data processing system resources required by the program and, if the required resources are not indicative of the program having worm-like characteristics, running the program in a controlled non-network environment while monitoring and logging accesses to system resources to determine the behavior of the program in the non-network environment. A logged record of the observed behavior is analyzed to determine if the behavior is indicative of the program having worm-like characteristics. The non-network environment may simulate the appearance of a network to the program, without emulating the operation of the network.
摘要翻译：用于自动确定涉嫌具有蠕虫特征的程序的行为特征的方法和系统包括分析程序所需的数据处理系统资源，并且如果所需资源不表示具有蠕虫状特征的程序，在受控的非网络环境中运行程序，同时监视和记录对系统资源的访问，以确定非网络环境中程序的行为。分析观察行为的记录记录，以确定行为是否表明具有蠕虫状特征的程序。非网络环境可以模拟网络对程序的外观，而不模拟网络的操作。

5. 发明授权

US07117182B2 Method for disaggregating customer data in online transactions to preserve privacy 有权
公开(公告)号：US07117182B2
公开(公告)日：2006-10-03
申请号：US10041391
申请日：2002-01-08
申请人： David M. Chess , Ian N. Whalley , Steve R. White
发明人： David M. Chess , Ian N. Whalley , Steve R. White
IPC分类号： G06F17/60
CPC分类号： G06Q30/06 , G06Q20/02 , G06Q20/382 , G06Q20/383 , G06Q20/401
摘要： A method for carrying out multi-party transactions in which at least one party or user has information which he considers private, the method comprising: a first determining step, in which it is determined which parties will take part in the transaction; a second determining step, in which it is determined, for each party taking part in the transaction, what information about the user that party requires in order to complete the corresponding part of the transaction; a selecting step, which may occur before or after the determining steps, in which one or more nonces, GUIDs, or other tokens are selected, to represent the user in the course of the transaction; a providing step, in which each party determined in the first determining step is provided with information comprising the corresponding information about the user determined in the second determining step, and one or more of the nonces, GUIDs, or other tokens selected in the selecting step; an execution step, in which the parties to the transaction complete the transaction, using the information about the user that they have been given, and the one or more nonces, GUIDs, or other tokens, to determine and communicate the details of the fulfillment while minimizing the amount of unneeded private information that is transmitted or otherwise exposed.

6. 发明申请

US20080256633A1 Method and Apparatus for Determination of the Non-Replicative Behavior of a Malicious Program 有权
标题翻译：用于确定恶意程序的非复制行为的方法和装置
公开(公告)号：US20080256633A1
公开(公告)日：2008-10-16
申请号：US12141165
申请日：2008-06-18
申请人： William C. ARNOLD , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
发明人： William C. ARNOLD , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
IPC分类号： G06F12/14
CPC分类号： G06F21/566
摘要： Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for determining a non-replicative behavior of a program that is suspected of containing an undesirable software entity. The process causes execution of the program in at least one known environment and automatically examines the at least one known environment to detect if a change has occurred in the environment as a result of the execution of the program. If a change is detected, the process automatically analyzes the detected change (i.e., the process performs a side effects analysis) to determine if the change resulted from execution of the program or from execution of the undesirable software entity. The process then uses the result of the analysis at least for undoing a detected change that results from execution of the undesirable software entity. The result of the analysis can also be used for informing a user of an anti-virus system of the non-replicative changes made to the environment.
摘要翻译：公开了一种方法，计算机系统和计算机可读介质产品，其包含一组计算机可执行软件指令，用于指导计算机系统执行用于确定怀疑含有不期望的软件的程序的非复制行为的过程实体。该过程导致在至少一个已知环境中执行该程序，并且自动检查该至少一个已知环境以检测由于该程序的执行而在该环境中是否发生了改变。如果检测到改变，则该过程自动分析检测到的变化（即，过程执行副作用分析），以确定改变是由执行程序还是由不期望的软件实体的执行引起。该过程然后使用分析结果至少用于撤销由不期望的软件实体的执行导致的检测到的改变。分析的结果也可以用于向用户通知反病毒系统对环境的非复制变化。

7. 发明申请

US20080189787A1 Method and Apparatus for the Automatic Determination of Potentially Worm-Like Behavior of a Program 有权
标题翻译：用于自动确定程序的潜在蠕虫样行为的方法和装置
公开(公告)号：US20080189787A1
公开(公告)日：2008-08-07
申请号：US12062152
申请日：2008-04-03
申请人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
发明人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
IPC分类号： G06F21/00
CPC分类号： G06F21/51
摘要： A method and system for the automatic determination of the behavioral profile of a program suspected of having worm-like characteristics includes analyzing data processing system resources required by the program and, if the required resources are not indicative of the program having worm-like characteristics, running the program in a controlled non-network environment while monitoring and logging accesses to system resources to determine the behavior of the program in the non-network environment. A logged record of the observed behavior is analyzed to determine if the behavior is indicative of the program having worm-like characteristics. The non-network environment may simulate the appearance of a network to the program, without emulating the operation of the network.
摘要翻译：用于自动确定涉嫌具有蠕虫特征的程序的行为特征的方法和系统包括分析程序所需的数据处理系统资源，并且如果所需资源不表示具有蠕虫状特征的程序，在受控的非网络环境中运行程序，同时监视和记录对系统资源的访问，以确定非网络环境中程序的行为。分析观察行为的记录记录，以确定行为是否表明具有蠕虫状特征的程序。非网络环境可以模拟网络对程序的外观，而不模拟网络的操作。

8. 发明申请

US20080271016A1 HYPERVISOR WITH CLONING-AWARENESS NOTIFICATIONS 有权
标题翻译：具有克隆认知通知的超高频
公开(公告)号：US20080271016A1
公开(公告)日：2008-10-30
申请号：US11741975
申请日：2007-04-30
申请人： David M. Chess , Sean L. Dague , Ronald T. Goering , Hidayatullah H. Shaikh , Ian N. Whalley , Steve R. White , Jian Yin
发明人： David M. Chess , Sean L. Dague , Ronald T. Goering , Hidayatullah H. Shaikh , Ian N. Whalley , Steve R. White , Jian Yin
IPC分类号： G06F9/455
CPC分类号： G06F9/45558 , G06F8/63 , G06F2009/45587 , G06F2221/2101
摘要： A method, information processing system, and computer readable medium for managing virtual machine imaging. The method includes receiving a request for an imaging operation associated with at least one virtual machine. A notification is sent to at least one operating system associated with the at least one virtual machine of the request for the imaging operation. The operating system is determined to be in a state for the virtual machine to be imaged. The request for the imaging operation is granting in response to determining.
摘要翻译：一种用于管理虚拟机成像的方法，信息处理系统和计算机可读介质。该方法包括接收与至少一个虚拟机相关联的成像操作的请求。将通知发送到与成像操作的请求的至少一个虚拟机相关联的至少一个操作系统。操作系统被确定为处于使虚拟机成像的状态。对成像操作的请求是响应于确定而授予的。

9. 发明授权

US07103913B2 Method and apparatus for determination of the non-replicative behavior of a malicious program 有权
公开(公告)号：US07103913B2
公开(公告)日：2006-09-05
申请号：US10141896
申请日：2002-05-08
申请人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
发明人： William C. Arnold , David M. Chess , John F. Morar , Alla Segal , Ian N. Whalley , Steve R. White
IPC分类号： G06F11/00
CPC分类号： G06F21/566
摘要： Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for determining a non-replicative behavior of a program that is suspected of containing an undesirable software entity. The process causes execution of the program in at least one known environment and automatically examines the at least one known environment to detect if a change has occurred in the environment as a result of the execution of the program. If a change is detected, the process automatically analyzes the detected change (i.e., the process performs a side effects analysis) to determine if the change resulted from execution of the program or from execution of the undesirable software entity. The process then uses the result of the analysis at least for undoing a detected change that results from execution of the undesirable software entity. The result of the analysis can also be used for informing a user of an anti-virus system of the non-replicative changes made to the environment.

10. 发明授权

US07069585B1 Physical key security management method and apparatus for information systems 有权
标题翻译：信息系统的物理密钥安全管理方法和装置
公开(公告)号：US07069585B1
公开(公告)日：2006-06-27
申请号：US09641156
申请日：2000-08-17
申请人： David M. Chess , Ian N. Whalley , Steve R. White , John F. Morar
发明人： David M. Chess , Ian N. Whalley , Steve R. White , John F. Morar
IPC分类号： G07F7/08
CPC分类号： H04L63/0853 , G06F21/31 , G06F21/34 , G06F21/445 , G06F2221/2113 , G06F2221/2129 , G06F2221/2153 , H04L63/10
摘要： An apparatus and a method for enabling the secure installation and use of an information system having a plurality of nodes, where the plurality of nodes include at least one information appliance (100) and at least one security console (200). The apparatus includes at least one data-carrying object, referred to as a “key” (301), that contains security-related data, and further includes at least one key receptacle (103, 203) that forms a portion of at least one of the nodes. The key is inserted into the receptacle for reading-out the security-related data for indicating to the information system a desired security configuration. The key is not intended to primarily establish the identity of a particular user or principal, but is instead intended to provide and be instrumental in defining, using a tangible medium, a security configuration that bestows a certain level of authorization or access to a particular user or principal.
摘要翻译：一种用于实现具有多个节点的信息系统的安全安装和使用的装置和方法，其中所述多个节点包括至少一个信息装置（100）和至少一个安全控制台（200）。该装置包括至少一个数据携带对象，被称为“密钥”（301），其包含与安全性有关的数据，并且还包括至少一个密钥容器（103,203），其形成至少一个的节点。将密钥插入插座中，以读出与安全相关的数据，以向信息系统指示所需的安全配置。密钥不是主要建立特定用户或主体的身份，而是旨在提供并有助于使用有形介质来定义给予特定用户的一定级别的授权或访问的安全配置或校长。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式