专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07926106B1 Utilizing early exclusive volume access and direct volume manipulation to remove protected files 有权
标题翻译：利用早期专用卷访问和直接卷操作来删除受保护的文件
公开(公告)号：US07926106B1
公开(公告)日：2011-04-12
申请号：US11400538
申请日：2006-04-06
申请人： Mark Kennedy , Michael Spertus , Peter Linhardt , Richard Gough , Adam Glick , Patrick Gardner , Spencer Smith , Tim Naftel
发明人： Mark Kennedy , Michael Spertus , Peter Linhardt , Richard Gough , Adam Glick , Patrick Gardner , Spencer Smith , Tim Naftel
IPC分类号： G06F11/00
CPC分类号： G06F21/568
摘要： Upon detection of a rootkit, a host computer system is rebooted. The boot process is interrupted. Access to a media, e.g., a volume or disk, containing the rootkit is gained and the media is directly accessed. The rootkit is disabled, e.g., renamed or deleted, and the host computer system is rebooted a second time. If the rootkit has not been previously removed, e.g., only renamed, the rootkit is removed, e.g., using a conventional antivirus application. Thus, upon detection of a rootkit, the rootkit is removed without a clean boot.
摘要翻译：在检测到rootkit后，重新启动主机系统。引导过程中断。获得对包含rootkit的媒体（例如卷或磁盘）的访问，并直接访问媒体。 rootkit被禁用，例如重命名或删除，并且主计算机系统第二次重新启动。如果rootkit尚未被除去，例如，仅被重命名，则rootkit被去除，例如使用传统的防病毒应用程序。因此，在检测到一个rootkit后，rootkit将被删除而无需干净启动。

2. 发明授权

US08230500B1 Methods and systems for detecting rootkits 有权
标题翻译：用于检测rootkit的方法和系统
公开(公告)号：US08230500B1
公开(公告)日：2012-07-24
申请号：US12163731
申请日：2008-06-27
申请人： Michael Spertus , Mark Kennedy
发明人： Michael Spertus , Mark Kennedy
IPC分类号： G06F12/14 , G06F11/00
CPC分类号： G06F21/566
摘要： A computer-implemented method for detecting rootkits. The method may include identifying, from a control platform, a first directory listing. The first directory listing may be associated with a file system. The method may include identifying, from a target platform, a second directory listing. The second directory listing may be associated with the file system. The target platform and the control platform may be running concurrently on a computing device. The method may also include detecting a discrepancy between the first directory listing and the second directory listing and determining that the discrepancy is a result of the target platform being infected with a rootkit. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译：用于检测rootkit的计算机实现的方法。该方法可以包括从控制平台识别第一目录列表。第一个目录列表可能与文件系统相关联。该方法可以包括从目标平台识别第二目录列表。第二个目录列表可能与文件系统相关联。目标平台和控制平台可以在计算设备上同时运行。该方法还可以包括检测第一目录列表和第二目录列表之间的差异，并确定差异是目标平台被rootkit感染的结果。还公开了各种其它方法，系统和计算机可读介质。

3. 发明授权

US08392992B1 Method and apparatus for preventing sensitive data leakage due to input focus misappropriation 有权
标题翻译：用于防止由于输入焦点盗用而导致的敏感数据泄漏的方法和装置
公开(公告)号：US08392992B1
公开(公告)日：2013-03-05
申请号：US12130016
申请日：2008-05-30
申请人： Michael Spertus
发明人： Michael Spertus
IPC分类号： G06F21/00
CPC分类号： G06F21/556 , G06F21/36
摘要： A method and apparatus for preventing sensitive data leakage due to input focus misappropriation is described. In one embodiment, a method for restricting a change in an input focus to protect sensitive data comprising identifying a visual representation component used to receive sensitive data, wherein the virtual representation component having an input focus of a computer and preventing a change in the input focus from the visual representation component.
摘要翻译：描述了用于防止由于输入焦点盗用引起的敏感数据泄漏的方法和装置。在一个实施例中，一种用于限制输入焦点的改变以保护敏感数据的方法，包括识别用于接收敏感数据的视觉表示组件，其中所述虚拟表示组件具有计算机的输入焦点并防止输入焦点的改变从视觉表示组件。

4. 发明授权

US08001606B1 Malware detection using a white list 有权
标题翻译：恶意软件检测使用白名单
公开(公告)号：US08001606B1
公开(公告)日：2011-08-16
申请号：US12495479
申请日：2009-06-30
申请人： Michael Spertus
发明人： Michael Spertus
IPC分类号： G06F12/14
CPC分类号： G06F21/564
摘要： A reputation server is coupled to multiple clients via a network. A security module at a client identifies an application and determines whether it is on a white list. If the application is not on the white list, the security module monitors the application using a strict set of signatures. If the application is on the white list, the security module monitors the application using a relaxed set of signatures. The relaxed set of signatures can exclude legitimate characteristics possessed by the application as specified by the white list. The security module evaluates whether the application is malicious based at least in part on whether it possesses suspicious characteristics described by the signatures. The reputation server receives reports from clients identifying applications and describing characteristics possessed by the applications and uses the reports to generate the white list.
摘要翻译：信誉服务器通过网络耦合到多个客户端。客户端的安全模块识别应用程序并确定它是否在白名单上。如果应用程序不在白名单上，则安全模块将使用严格的签名集监视应用程序。如果应用程序在白名单上，则安全模块将使用一组轻松的签名来监视应用程序。轻松的签名集合可以排除由白名单指定的应用程序拥有的合法特征。至少部分由安全模块是否具有签名描述的可疑特征来评估该应用是否是恶意的。信誉服务器从客户端接收识别应用程序的报告并描述应用程序拥有的特征，并使用报告生成白名单。

5. 发明授权

US09959404B2 Methods and systems for creating and updating approved-file and trusted-domain databases 有权
公开(公告)号：US09959404B2
公开(公告)日：2018-05-01
申请号：US11865073
申请日：2007-10-01
申请人： Carey Nachenberg , Michael Spertus , Sourabh Satish , Gerry Egan
发明人： Carey Nachenberg , Michael Spertus , Sourabh Satish , Gerry Egan
IPC分类号： G06F21/51 , G06F21/56 , H04L29/06
CPC分类号： G06F21/51 , G06F21/56 , H04L63/1416
摘要： Computer-implemented methods and systems for creating or updating approved-file and trusted-domain databases and verifying the legitimacy of files are disclosed. A method for creating or updating an approved-file database may include intercepting a first file, identifying a source domain associated with the first file, identifying a trusted-domain database, determining whether a database record for the source domain associated with the first file exists within the trusted-domain database, creating a hash value for the first file if a database record for the source domain associated with the first file exists within the trusted-domain database, and storing the hash value for the first file in an approved-file database. Methods and systems for verifying the legitimacy of a file and for creating or updating a trusted-domain database are also disclosed.

6. 发明授权

US08201224B1 Systems and methods for temporarily adjusting control settings on computing devices 有权
标题翻译：用于临时调整计算设备上的控制设置的系统和方法
公开(公告)号：US08201224B1
公开(公告)日：2012-06-12
申请号：US12241173
申请日：2008-09-30
申请人： Michael Spertus
发明人： Michael Spertus
IPC分类号： H04L29/06
CPC分类号： G06F21/6218 , G06F2221/2137 , G06F2221/2149 , H04L63/0823 , H04L63/101
摘要： A computer-implemented method for temporarily adjusting control settings on computing devices. The method may comprise: 1) receiving a set of permissions for adjusting a set of control settings on a computing device, 2) identifying the set of control settings to be adjusted, and then 3) temporarily adjusting, based on the set of permissions, the set of control settings. The method may further comprise saving a base state of the set of control settings and restoring the set of control settings to the base state. Corresponding systems and computer-readable media are also disclosed.
摘要翻译：一种用于临时调整计算设备上的控制设置的计算机实现的方法。该方法可以包括：1）接收用于调整计算设备上的一组控制设置的一组权限，2）识别要调整的一组控制设置，然后基于所述权限集合临时调整，一组控制设置。该方法还可以包括保存该组控制设置的基本状态并将该组控制设置恢复到基本状态。还公开了相应的系统和计算机可读介质。

7. 发明申请

US20050172271A1 Interactive debugging system with debug data base system 失效
标题翻译：具有调试数据库系统的交互调试系统
公开(公告)号：US20050172271A1
公开(公告)日：2005-08-04
申请号：US11091602
申请日：2005-03-28
申请人： Michael Spertus , Charles Fiterman , Gustavo Rodriguez Rivera
发明人： Michael Spertus , Charles Fiterman , Gustavo Rodriguez Rivera
IPC分类号： G06F11/36 , G06F9/44
CPC分类号： G06F11/3664 , G06F12/0253
摘要： An interactive system for debugging programs in which a persistent data base system responds to update queries containing debugging information from a debugging information source and to read queries on the debugging information from an interactive interface. The interactive interface produces the read queries in response to inputs from users and formats the results of the read queries as required by the user. One source of inputs is a standard Web browser for which the interactive interface functions as a Web server. The system also includes a command channel by which the source of debugging information receives commands from the interactive interface. In one embodiment, the command channel is implemented in the data base. In a disclosed implementation, the source of debugging information provides memory debugging information. Also disclosed are techniques for using an automatic memory management system to reduce memory fragmentation and heap footprint size.
摘要翻译：用于调试程序的交互式系统，其中持久数据库系统响应来自调试信息源的包含调试信息的更新查询，并从交互式界面读取关于调试信息的查询。交互式界面响应于用户的输入产生读取查询，并根据用户要求格式化读取查询的结果。一个输入源是一个标准的Web浏览器，交互式界面用作Web浏览器。该系统还包括调试信息源从交互式接口接收命令的命令通道。在一个实施例中，命令通道在数据库中实现。在公开的实现中，调试信息的源提供存储器调试信息。还公开了使用自动存储器管理系统来减少内存碎片和堆足迹尺寸的技术。

8. 发明授权

US08732821B1 Method and apparatus for preventing accidential disclosure of confidential information via visual representation objects 有权
标题翻译：用于通过视觉表示对象来防止机密信息的公开披露的方法和装置
公开(公告)号：US08732821B1
公开(公告)日：2014-05-20
申请号：US12724061
申请日：2010-03-15
申请人： Michael Spertus
发明人： Michael Spertus
IPC分类号： G06F21/00
CPC分类号： G06F21/31 , G06F21/6218 , G06F2221/2101
摘要： A method and apparatus for preventing accidental disclosure of confidential information via visual representation objects is described. In one embodiment, the method includes establishing pattern information with respect to confidential information, wherein the confidential information is used to authenticate users, monitoring a visual representation object having an input focus associated with a user interface, wherein the visual representation object receives input data, comparing the input data with the pattern information to identify at least one unobscured portion of the confidential information and producing indicia of detection of the at least one unobscured portion of the confidential information on the visual representation object.
摘要翻译：描述了通过视觉表示对象来防止意外泄露机密信息的方法和装置。在一个实施例中，所述方法包括建立关于机密信息的模式信息，其中机密信息用于认证用户，监视具有与用户界面相关联的输入焦点的视觉表示对象，其中所述可视表示对象接收输入数据，将所述输入数据与所述模式信息进行比较，以识别所述机密信息的至少一个视野不同部分，并且产生对所述视觉表示对象上的所述机密信息的所述至少一个视野不同部分的检测标记。

9. 发明授权

US08180893B1 Component-level sandboxing 有权
标题翻译：组件级沙箱
公开(公告)号：US08180893B1
公开(公告)日：2012-05-15
申请号：US12724297
申请日：2010-03-15
申请人： Michael Spertus
发明人： Michael Spertus
IPC分类号： G06F15/16
CPC分类号： G06F21/52 , G06F21/53
摘要： Component-level sandboxing is implemented in the example context of an enterprise rights management system. A policy enforcement module monitors an application executing on a client to detect and evaluate data access requests in view of a rights policy. The policy enforcement module determines how to handle the request based on the whether the policy permits the request. If the request is permitted, the policy enforcement module allows the requests and sandboxes it using virtualization. The sandbox virtualizes the thread making the request and/or a data access component involved in the request. Other aspects of the application that do not implicate the rights policy are not sandboxed. In this way, sandboxing is used to enforce the rights policy in a manner that is transparent to the user and consumes relatively few resources of the client.
摘要翻译：组件级沙箱在企业权限管理系统的示例上下文中实现。策略执行模块监视在客户机上执行的应用程序，以便根据权限策略来检测和评估数据访问请求。策略执行模块根据策略是否允许请求来确定如何处理请求。如果请求被允许，策略实施模块允许使用虚拟化的请求和沙箱。沙箱虚拟化请求的线程和/或请求中涉及的数据访问组件。不涉及权限策略的应用程序的其他方面不会被沙盒化。以这种方式，沙盒用于以对用户透明的方式执行权限策略，并消耗相对较少的客户端资源。

10. 发明申请

US20090089290A1 METHODS AND SYSTEMS FOR CREATING AND UPDATING APPROVED-FILE AND TRUSTED-DOMAIN DATABASES 有权
标题翻译：用于创建和更新批准的文件和有害数据库数据库的方法和系统
公开(公告)号：US20090089290A1
公开(公告)日：2009-04-02
申请号：US11865073
申请日：2007-10-01
申请人： Carey Nachenberg , Michael Spertus , Sourabh Satish , Gerry Egan
发明人： Carey Nachenberg , Michael Spertus , Sourabh Satish , Gerry Egan
IPC分类号： G06F17/30
CPC分类号： G06F21/51 , G06F21/56 , H04L63/1416
摘要： Computer-implemented methods and systems for creating or updating approved-file and trusted-domain databases and verifying the legitimacy of files are disclosed. A method for creating or updating an approved-file database may comprise intercepting a first file, identifying a source domain associated with the first file, identifying a trusted-domain database, determining whether a database record for the source domain associated with the first file exists within the trusted-domain database, creating a hash value for the first file if a database record for the source domain associated with the first file exists within the trusted-domain database, and storing the hash value for the first file in an approved-file database. Methods and systems for verifying the legitimacy of a file and for creating or updating a trusted-domain database are also disclosed.
摘要翻译：公开了用于创建或更新已批准文件和可信域数据库以及验证文件合法性的计算机实现的方法和系统。用于创建或更新批准文件数据库的方法可以包括拦截第一文件，识别与第一文件相关联的源域，标识可信域数据库，确定是否存在与第一文件相关联的源域的数据库记录在受信任域数据库内，如果在受信任域数据库内存在与第一个文件相关联的源域的数据库记录，并将第一个文件的哈希值存储在已批准文件中，则为第一个文件创建哈希值数据库。还公开了用于验证文件的合法性以及用于创建或更新可信域数据库的方法和系统。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式