专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07624443B2 Method and system for a self-heating device 有权
标题翻译：自加热装置的方法和系统
公开(公告)号：US07624443B2
公开(公告)日：2009-11-24
申请号：US11018412
申请日：2004-12-21
申请人： Michael Kramer , Scott A. Field , Marc E. Seinfeld , Carl Carter-Schwendler , Paul Luber , Adrian M. Marinescu
发明人： Michael Kramer , Scott A. Field , Marc E. Seinfeld , Carl Carter-Schwendler , Paul Luber , Adrian M. Marinescu
IPC分类号： G06F11/00 , G06F17/30 , G06F15/177 , G06F1/24 , H04L29/06 , G06F11/30 , G06F15/173 , G06F12/00
CPC分类号： G06F21/568 , G06F21/554 , Y10S707/99953
摘要： A self-healing device is provided in which changes made between the time that an infection resulting from an attack on the device was detected and an earlier point in time to which the device is capable of being restored may be recovered based, at least in part, on what kinds of changes were made, whether the changes were bona fide or malware induced, whether the changes were made after the time that the infection likely occurred, and whether new software was installed.
摘要翻译：提供了一种自愈设备，其中，可以在至少部分地恢复在检测到由设备的攻击引起的感染的时间与设备能够恢复到的较早时间点之间进行的改变关于什么样的变化，这些变化是真正的还是恶意软件引起的，这些变化是否在感染可能发生的时间之后进行，以及是否安装了新的软件。

2. 发明授权

US07673341B2 System and method of efficiently identifying and removing active malware from a computer 有权
标题翻译：从计算机有效识别和删除活动恶意软件的系统和方法
公开(公告)号：US07673341B2
公开(公告)日：2010-03-02
申请号：US11012892
申请日：2004-12-15
申请人： Michael Kramer , Matthew Braverman , Marc E. Seinfeld , Jason Garms , Adrian M. Marinescu , George Cristian Chicioreanu , Scott A. Field
发明人： Michael Kramer , Matthew Braverman , Marc E. Seinfeld , Jason Garms , Adrian M. Marinescu , George Cristian Chicioreanu , Scott A. Field
IPC分类号： G06F12/14
CPC分类号： H04L63/1408 , G06F21/562
摘要： The present invention provides a system, method, and computer-readable medium for identifying and removing active malware from a computer. Aspects of the present invention are included in a cleaner tool that may be obtained automatically with an update service or may be downloaded manually from a Web site or similar distribution system. The cleaner tool includes a specialized scanning engine that searches a computer for active malware. Since the scanning engine only searches for active malware, the amount of data downloaded and resource requirements of the cleaner tool are less than traditional antivirus software. The scanning engine searches specific locations on a computer, such as data mapped in memory, configuration files, and file metadata for data characteristic of malware. If malware is detected, the cleaner tool removes the malware from the computer.
摘要翻译：本发明提供一种用于从计算机识别和去除活动恶意软件的系统，方法和计算机可读介质。本发明的方面包括在可以使用更新服务自动获得的清洁工具中，或者可以从网站或类似的分发系统手动下载。更清洁的工具包括专门的扫描引擎，可在计算机上搜索主动恶意软件。由于扫描引擎仅搜索活动的恶意软件，所以下载的数据量和清洁工具的资源需求比传统的防病毒软件要少。扫描引擎在计算机上搜索特定位置，例如映射到内存中的数据，配置文件和文件元数据，以便恶意软件的特征。如果检测到恶意软件，则清洁工具会从计算机中删除恶意软件。

3. 发明申请

US20130160126A1 MALWARE REMEDIATION SYSTEM AND METHOD FOR MODERN APPLICATIONS 审中-公开
标题翻译：恶意修复系统及现代应用方法
公开(公告)号：US20130160126A1
公开(公告)日：2013-06-20
申请号：US13327223
申请日：2011-12-15
申请人： Vishal Kapoor , Jason J. Joyce , Gregory W. Nichols , Joshua W. Dunn , Michael S. Jarrett , Adrian M. Marinescu , Marc E. Seinfeld , Axel Andrejs , Jayaraman Kalyana Sundaram
发明人： Vishal Kapoor , Jason J. Joyce , Gregory W. Nichols , Joshua W. Dunn , Michael S. Jarrett , Adrian M. Marinescu , Marc E. Seinfeld , Axel Andrejs , Jayaraman Kalyana Sundaram
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： G06F21/568 , G06F2221/2115
摘要： A system is described for remediating a malicious modern application installed on an end user device. In an embodiment, the system includes an antimalware program executing on the end user device that can detect and attempt to remediate the malicious modern application, an operating system executing on the end user device that is configured to interact with the antimalware program for the purpose of facilitating the establishment of a connection between the end user device and an application support system in response to determining that the antimalware program has detected and attempted to remediate the malicious modern application, and the application support system that can perform remediation operations beyond those that can be performed by the antimalware program.
摘要翻译：描述了一种用于修复安装在最终用户设备上的恶意现代应用程序的系统。在一个实施例中，系统包括在最终用户设备上执行的可以检测并尝试修复恶意现代应用的反恶意软件程序，该终端用户设备上执行的被配置为与反恶意软件程序交互的操作系统，响应于确定反恶意软件程序已经检测并尝试修复恶意现代应用程序，以及能够执行补救操作的应用程序支持系统，超出可以执行的修复操作，便于建立最终用户设备和应用程序支持系统之间的连接由反恶意程序执行。

4. 发明授权

US09436826B2 Discovering malicious input files and performing automatic and distributed remediation 有权
标题翻译：发现恶意输入文件并执行自动和分布式修复
公开(公告)号：US09436826B2
公开(公告)日：2016-09-06
申请号：US13161950
申请日：2011-06-16
申请人： Vishal Kapoor , Jonathan Mark Keller , Ajith Kumar , Adrian M. Marinescu , Marc E. Seinfeld , Anil Francis Thomas , Michael Sean Jarrett , Joseph J. Johnson , Joseph L. Faulhaber
发明人： Vishal Kapoor , Jonathan Mark Keller , Ajith Kumar , Adrian M. Marinescu , Marc E. Seinfeld , Anil Francis Thomas , Michael Sean Jarrett , Joseph J. Johnson , Joseph L. Faulhaber
IPC分类号： G06F21/56 , G06F21/52 , G06F21/55 , H04L29/06
CPC分类号： G06F21/566 , G06F21/52 , G06F21/552 , G06F21/554 , G06F21/56 , G06F21/568 , G06F2221/2101 , H04L63/145
摘要： The subject disclosure is directed towards detecting malware or possible malware in an input file by allowing the input file to be opened, and by monitoring for one or more behaviors corresponding to the open file that likely indicate malware. Only certain executable files and/or file types opened thereby may be monitored, with various collected event data used for antimalware purposes when improper behavior is observed. Example behaviors include writing of a file to storage, generation of network traffic, injection of a process, running of script, and/or writing system registry data. Telemetry data and/or a sample of the file may be sent to an antimalware service, and malware remediation may be performed. Data (e.g., the collected events) may be distributed to other nodes for use in antimalware detection, e.g., to block execution of a similar file.
摘要翻译：本发明涉及通过允许打开输入文件以及通过监视与可能指示恶意软件的打开文件相对应的一个或多个行为来检测输入文件中的恶意软件或可能的恶意软件。可以监视由此引起的某些可执行文件和/或文件类型，当观察到不当的行为时，各种收集的事件数据用于反恶意软件目的。示例行为包括将文件写入存储，生成网络流量，注入进程，运行脚本和/或编写系统注册表数据。遥测数据和/或文件样本可以被发送到反恶意软件服务，并且可以执行恶意软件修复。数据（例如，收集的事件）可以被分发到其他节点以用于反恶意软件检测，例如阻止类似文件的执行。

5. 发明授权

US08955133B2 Applying antimalware logic without revealing the antimalware logic to adversaries 有权
标题翻译：应用反恶意软件逻辑，而不会向对手揭示反恶意软件逻辑
公开(公告)号：US08955133B2
公开(公告)日：2015-02-10
申请号：US13156726
申请日：2011-06-09
申请人： Ajith Kumar , Timothy Jon Fraser , Adrian M. Marinescu , Marc E. Seinfeld , Jack Wilson Stokes, III , Anil Francis Thomas
发明人： Ajith Kumar , Timothy Jon Fraser , Adrian M. Marinescu , Marc E. Seinfeld , Jack Wilson Stokes, III , Anil Francis Thomas
IPC分类号： G06F21/00 , G06F21/55 , G06F21/56
CPC分类号： G06F21/552 , G06F21/566
摘要： The subject disclosure is directed towards a technology by which antimalware detection logic is maintained and operated at a backend service, with which a customer frontend machine communicates (queries) for purposes of malware detection. In this way, some antimalware techniques are maintained at the backend service rather than revealed to antimalware authors. The backend antimalware detection logic may be based upon feature selection, and may be updated rapidly, in a manner that is faster than malware authors can track. Noise may be added to the results to make it difficult for malware authors to deduce the logic behind the results. The backend may return results indicating malware or not malware, or return inconclusive results. The backend service may also detect probing-related queries that are part of an attempt to deduce the unrevealed antimalware detection logic, with noisy results returned in response and/or other actions taken to foil the attempt.
摘要翻译：主题公开涉及一种技术，通过该技术，反恶意软件检测逻辑在后端服务中被维护和操作，客户前端机器为此进行通信（查询）以用于恶意软件检测。这样一来，后端服务就会保留一些反恶意软件技术，而不是反恶意软件作者。后端反恶意软件检测逻辑可以基于特征选择，并且可以以比作者可追踪的恶意软件更快的方式快速更新。噪声可能会添加到结果中，使恶意软件作者难以推断出结果背后的逻辑。后端可能返回指示恶意软件或不是恶意软件的结果，或返回不确定的结果。后端服务还可以检测作为尝试推断出未显示的反恶意软件检测逻辑的一部分的探测相关查询，其中响应返回噪声结果和/或为了抵制该尝试而采取的其他动作。

6. 发明申请

US20120317644A1 Applying Antimalware Logic without Revealing the Antimalware Logic to Adversaries 有权
标题翻译：应用反恶意软件逻辑，而不会向对手揭示反恶意软件逻辑
公开(公告)号：US20120317644A1
公开(公告)日：2012-12-13
申请号：US13156726
申请日：2011-06-09
申请人： Ajith Kumar , Timothy Jon Fraser , Adrian M. Marinescu , Marc E. Seinfeld , Jack Wilson Stokes, III , Anil Francis Thomas
发明人： Ajith Kumar , Timothy Jon Fraser , Adrian M. Marinescu , Marc E. Seinfeld , Jack Wilson Stokes, III , Anil Francis Thomas
IPC分类号： G06F21/00
CPC分类号： G06F21/552 , G06F21/566
摘要： The subject disclosure is directed towards a technology by which antimalware detection logic is maintained and operated at a backend service, with which a customer frontend machine communicates (queries) for purposes of malware detection. In this way, some antimalware techniques are maintained at the backend service rather than revealed to antimalware authors. The backend antimalware detection logic may be based upon feature selection, and may be updated rapidly, in a manner that is faster than malware authors can track. Noise may be added to the results to make it difficult for malware authors to deduce the logic behind the results. The backend may return results indicating malware or not malware, or return inconclusive results. The backend service may also detect probing-related queries that are part of an attempt to deduce the unrevealed antimalware detection logic, with noisy results returned in response and/or other actions taken to foil the attempt.
摘要翻译：主题公开涉及一种技术，通过该技术，反恶意软件检测逻辑在后端服务中被维护和操作，客户前端机器为此进行通信（查询）以用于恶意软件检测。这样一来，后端服务就会保留一些反恶意软件技术，而不是反恶意软件作者。后端反恶意软件检测逻辑可以基于特征选择，并且可以以比作者可追踪的恶意软件更快的方式快速更新。噪声可能会添加到结果中，使恶意软件作者难以推断出结果背后的逻辑。后端可能返回指示恶意软件或不是恶意软件的结果，或返回不确定的结果。后端服务还可以检测作为尝试推断出未显示的反恶意软件检测逻辑的一部分的探测相关查询，其响应返回的噪声结果和/或为了抵制尝试而采取的其他动作。

7. 发明申请

US20120297488A1 Discovering Malicious Input Files and Performing Automatic and Distributed Remediation 有权
标题翻译：发现恶意输入文件并执行自动和分布式修复
公开(公告)号：US20120297488A1
公开(公告)日：2012-11-22
申请号：US13161950
申请日：2011-06-16
申请人： Vishal Kapoor , Jonathan Mark Keller , Ajith Kumar , Adrian M. Marinescu , Marc E. Seinfeld , Anil Francis Thomas , Michael Sean Jarrett , Joseph J. Johnson , Joseph L. Faulhaber
发明人： Vishal Kapoor , Jonathan Mark Keller , Ajith Kumar , Adrian M. Marinescu , Marc E. Seinfeld , Anil Francis Thomas , Michael Sean Jarrett , Joseph J. Johnson , Joseph L. Faulhaber
IPC分类号： G06F11/00
CPC分类号： G06F21/566 , G06F21/52 , G06F21/552 , G06F21/554 , G06F21/56 , G06F21/568 , G06F2221/2101 , H04L63/145
摘要： The subject disclosure is directed towards detecting malware or possible malware in an input file by allowing the input file to be opened, and by monitoring for one or more behaviors corresponding to the open file that likely indicate malware. Only certain executable files and/or file types opened thereby may be monitored, with various collected event data used for antimalware purposes when improper behavior is observed. Example behaviors include writing of a file to storage, generation of network traffic, injection of a process, running of script, and/or writing system registry data. Telemetry data and/or a sample of the file may be sent to an antimalware service, and malware remediation may be performed. Data (e.g., the collected events) may be distributed to other nodes for use in antimalware detection, e.g., to block execution of a similar file.
摘要翻译：本发明涉及通过允许打开输入文件以及通过监视与可能指示恶意软件的打开文件相对应的一个或多个行为来检测输入文件中的恶意软件或可能的恶意软件。可以监视由此引起的某些可执行文件和/或文件类型，当观察到不当的行为时，各种收集的事件数据用于反恶意软件目的。示例行为包括将文件写入存储，生成网络流量，注入进程，运行脚本和/或编写系统注册表数据。遥测数据和/或文件样本可以被发送到反恶意软件服务，并且可以执行恶意软件修复。数据（例如，收集的事件）可以被分发到其他节点以用于反恶意软件检测，例如阻止类似文件的执行。

8. 发明授权

US07640583B1 Method and system for protecting anti-malware programs 有权
标题翻译：保护反恶意程序的方法和系统
公开(公告)号：US07640583B1
公开(公告)日：2009-12-29
申请号：US11097984
申请日：2005-04-01
申请人： Adrian M. Marinescu , Matthew I. Braverman , Marc E. Seinfeld
发明人： Adrian M. Marinescu , Matthew I. Braverman , Marc E. Seinfeld
IPC分类号： G06F11/30 , G06F11/00
CPC分类号： G06F21/14 , G06F21/55
摘要： In general, embodiments of the present invention provide protection for anti-malware software programs (also referred to herein as anti-malware) that is in addition to the protection that currently exists. In particular, instead of only protecting anti-malware programs from malware attacks by attempting to detect the malware software programs (also referred to herein as malware) before they can accomplish their malicious task, embodiments of the present invention obfuscate, or hide, the anti-malware and/or files associated with the anti-malware. Obfuscating files makes it difficult for malware to locate the information needed to accomplish its malware tasks. Additionally, because obfuscation makes file location difficult, malware that attempts to overcome this protection technique will likely include or use a detection engine.
摘要翻译：通常，本发明的实施例提供了除了目前存在的保护之外的反恶意软件软件程序（此处也称为反恶意软件）的保护。具体而言，本发明的实施例在实现恶意软件之前，通过尝试检测恶意软件程序（此处也称为恶意软件）来防止恶意软件程序免受恶意软件攻击，而不是混淆或隐藏防恶意软件恶意软件和/或与反恶意软件相关联的文件。混淆文件使恶意软件难以找到完成其恶意软件任务所需的信息。另外，由于混淆使文件位置变得困难，企图克服此保护技术的恶意软件可能包含或使用检测引擎。

9. 发明授权

US07174565B2 Negotiating secure connections through a proxy server 有权
标题翻译：通过代理服务器协商安全连接
公开(公告)号：US07174565B2
公开(公告)日：2007-02-06
申请号：US11305600
申请日：2005-12-16
申请人： Donald J. Kadyk , Neil S. Fishman , Marc E. Seinfeld , Michael Kramer
发明人： Donald J. Kadyk , Neil S. Fishman , Marc E. Seinfeld , Michael Kramer
IPC分类号： H04L9/00
CPC分类号： H04L63/0281 , H04L63/0428 , H04L63/0823 , H04L67/14
摘要： Methods, systems, and computer program products for negotiating a secure end-to-end connection using a proxy server as an intermediary. The client first negotiates a secure connection between the client and the proxy so that any credentials exchanged will be encrypted. After the exchange of authentication credentials, the secure client-proxy connection is altered so that no further encryption takes place. The client and server then negotiate a secure end-to-end connection through the proxy, with the secure end-to-end connection being encapsulated within the insecure client-proxy connection. In this way, the overhead of creating a separate client-proxy connection for the secure end-to-end connection may be avoided, but the insecure client-proxy connection introduces only minimal overhead because it no longer encrypts any data that it carries.
摘要翻译：用于使用代理服务器作为中介协商安全的端对端连接的方法，系统和计算机程序产品。客户端首先协商客户端和代理之间的安全连接，以便交换的任何凭证将被加密。交换认证凭证后，安全客户端 - 代理连接被更改，以便不进行进一步的加密。然后，客户端和服务器通过代理协商安全的端到端连接，安全的端到端连接被封装在不安全的客户端 - 代理连接中。以这种方式，可以避免为安全端到端连接创建单独的客户端 - 代理连接的开销，但不安全的客户端 - 代理连接仅引入最小开销，因为它不再加密其携带的任何数据。

10. 发明授权

US06996841B2 Negotiating secure connections through a proxy server 失效
公开(公告)号：US06996841B2
公开(公告)日：2006-02-07
申请号：US09838745
申请日：2001-04-19
申请人： Donald J. Kadyk , Neil S. Fishman , Marc E. Seinfeld , Michael Kramer
发明人： Donald J. Kadyk , Neil S. Fishman , Marc E. Seinfeld , Michael Kramer
IPC分类号： H04L9/00
CPC分类号： H04L63/0281 , H04L63/0428 , H04L63/0823 , H04L67/14
摘要： Methods, systems, and computer program products for negotiating a secure end-to-end connection using a proxy server as an intermediary. The client first negotiates a secure connection between the client and the proxy so that any credentials exchanged will be encrypted. After the exchange of authentication credentials, the secure client-proxy connection is altered so that no further encryption takes place. The client and server then negotiate a secure end-to-end connection through the proxy, with the secure end-to-end connection being encapsulated within the insecure client-proxy connection. In this way, the overhead of creating a separate client-proxy connection for the secure end-to-end connection may be avoided, but the insecure client-proxy connection introduces only minimal overhead because it no longer encrypts any data that it carries.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式