专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070006304A1 Optimizing malware recovery 审中-公开
标题翻译：优化恶意软件恢复
公开(公告)号：US20070006304A1
公开(公告)日：2007-01-04
申请号：US11172373
申请日：2005-06-30
申请人： Michael Kramer , Scott Field , Marc Seinfeld
发明人： Michael Kramer , Scott Field , Marc Seinfeld
IPC分类号： G06F12/14
CPC分类号： G06F21/554 , G06F21/55 , G06F21/568 , H04L63/1416 , H04L63/1441
摘要： Malware recovery optimization is provided in which malware detection processes and protocol processes on a device are monitored for events indicating a breach of security of the device, such as the presence of an infection or other evidence of a malware attack. The devices report the events for collection on a centralized event collector that issues alerts of the events to other devices that may have been compromised as a result of the breach of security. Upon receipt of the alert, the receiving devices may initiate malware recovery optimization, including activating anti-virus software to initiate a targeted scan of those resources that may have been compromised. In this manner, malware recovery processes are optimized to recover the receiving device and/or resources when indicated.
摘要翻译：提供了恶意软件恢复优化，其中监视设备上的恶意软件检测过程和协议进程，以指示违反设备安全性的事件，例如是否存在感染或其他恶意软件攻击证据。这些设备会报告在集中式事件收集器上收集的事件，从而将事件的警报发送到可能由于违反安全性而受到威胁的其他设备。在接收到警报之后，接收设备可以启动恶意软件恢复优化，包括激活防病毒软件以对可能已经被泄露的那些资源进行有针对性的扫描。以这种方式，恶意软件恢复过程被优化以在指示时恢复接收设备和/或资源。

2. 发明申请

US20060137010A1 Method and system for a self-healing device 有权
标题翻译：自愈装置的方法和系统
公开(公告)号：US20060137010A1
公开(公告)日：2006-06-22
申请号：US11018412
申请日：2004-12-21
申请人： Michael Kramer , Scott Field , Marc Seinfeld , Carl Carter-Schwendler , Paul Luber , Adrian Marinescu
发明人： Michael Kramer , Scott Field , Marc Seinfeld , Carl Carter-Schwendler , Paul Luber , Adrian Marinescu
IPC分类号： G06F12/14
CPC分类号： G06F21/568 , G06F21/554 , Y10S707/99953
摘要： A self-healing device is provided in which changes made between the time that an infection resulting from an attack on the device was detected and an earlier point in time to which the device is capable of being restored may be recovered based, at least in part, on what kinds of changes were made, whether the changes were bona fide or malware induced, whether the changes were made after the time that the infection likely occurred, and whether new software was installed.
摘要翻译：提供了一种自愈设备，其中，可以在至少部分地恢复在检测到由设备的攻击引起的感染的时间与设备能够恢复到的较早时间点之间进行的改变关于什么样的变化，这些变化是真正的还是恶意软件引起的，这些变化是否在感染可能发生的时间之后进行，以及是否安装了新的软件。

3. 发明申请

US20060130141A1 System and method of efficiently identifying and removing active malware from a computer 有权
标题翻译：从计算机有效识别和删除活动恶意软件的系统和方法
公开(公告)号：US20060130141A1
公开(公告)日：2006-06-15
申请号：US11012892
申请日：2004-12-15
申请人： Michael Kramer , Matthew Braverman , Marc Seinfeld , Jason Garms , Adrian Marinescu , George Chicioreanu , Scott Field
发明人： Michael Kramer , Matthew Braverman , Marc Seinfeld , Jason Garms , Adrian Marinescu , George Chicioreanu , Scott Field
IPC分类号： G06F12/14
CPC分类号： H04L63/1408 , G06F21/562
摘要： The present invention provides a system, method, and computer-readable medium for identifying and removing active malware from a computer. Aspects of the present invention are included in a cleaner tool that may be obtained automatically with an update service or may be downloaded manually from a Web site or similar distribution system. The cleaner tool includes a specialized scanning engine that searches a computer for active malware. Since the scanning engine only searches for active malware, the amount of data downloaded and resource requirements of the cleaner tool are less than traditional antivirus software. The scanning engine searches specific locations on a computer, such as data mapped in memory, configuration files, and file metadata for data characteristic of malware. If malware is detected, the cleaner tool removes the malware from the computer.
摘要翻译：本发明提供一种用于从计算机识别和去除活动恶意软件的系统，方法和计算机可读介质。本发明的方面包括在可以使用更新服务自动获得的清洁工具中，或者可以从网站或类似的分发系统手动下载。更清洁的工具包括专门的扫描引擎，可在计算机上搜索主动恶意软件。由于扫描引擎仅搜索活动的恶意软件，所以下载的数据量和清洁工具的资源需求比传统的防病毒软件要少。扫描引擎在计算机上搜索特定位置，例如映射到内存中的数据，配置文件和文件元数据，以便恶意软件的特征。如果检测到恶意软件，则清洁工具会从计算机中删除恶意软件。

4. 发明申请

US20060200863A1 On-access scan of memory for malware 有权
标题翻译：恶意软件的内存访问扫描
公开(公告)号：US20060200863A1
公开(公告)日：2006-09-07
申请号：US11070468
申请日：2005-03-01
申请人： Kenneth Ray , Michael Kramer , Paul England , Scott Field
发明人： Kenneth Ray , Michael Kramer , Paul England , Scott Field
IPC分类号： G06F12/14
CPC分类号： G06F12/145 , G06F21/562
摘要： The present invention provides a system, method, and computer-readable medium for identifying malware that is loaded in the memory of a computing device. Software routines implemented by the present invention track the state of pages loaded in memory using page table access bits available from a central processing unit. A page in memory may be in a state that is “unsafe” or potentially infected with malware. In this instance, the present invention calls a scan engine to search a page for malware before information on the page is executed.
摘要翻译：本发明提供一种用于识别加载到计算设备的存储器中的恶意软件的系统，方法和计算机可读介质。由本发明实现的软件程序使用从中央处理单元获得的页表访问位来跟踪加载在存储器中的页的状态。内存中的页面可能处于“不安全”或可能感染恶意软件的状态。在这种情况下，本发明在页面上的信息被执行之前，调用扫描引擎来搜索页面中的恶意软件。

5. 发明申请

US20060136720A1 Computer security management, such as in a virtual machine or hardened operating system 有权
标题翻译：计算机安全管理，如虚拟机或硬化操作系统
公开(公告)号：US20060136720A1
公开(公告)日：2006-06-22
申请号：US11019094
申请日：2004-12-21
申请人： Benjamin Armstrong , Paul England , Scott Field , Jason Garms , Michael Kramer , Kenneth Ray
发明人： Benjamin Armstrong , Paul England , Scott Field , Jason Garms , Michael Kramer , Kenneth Ray
IPC分类号： H04L9/00
CPC分类号： G06F21/53 , G06F21/56 , G06F21/566
摘要： A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environment and processes running on the computer outside of the self-contained operating environments.
摘要翻译：安全方案为在计算机上执行的一个或多个自包含的操作环境实例提供安全性。安全方案可以包括实现可由监督过程等控制的一组安全应用。所述一组安全应用程序和监督过程可以在计算机的主机系统上操作，其还可以提供用于执行一个或多个独立操作环境的平台。安全性方案保护在独立操作环境中运行的进程和在独立操作环境之外的计算机上运行的进程。

6. 发明申请

US20060230451A1 Systems and methods for verifying trust of executable files 有权
公开(公告)号：US20060230451A1
公开(公告)日：2006-10-12
申请号：US11100770
申请日：2005-04-07
申请人： Michael Kramer , Kenneth Ray , Paul England , Scott Field , Jonathan Schwartz
发明人： Michael Kramer , Kenneth Ray , Paul England , Scott Field , Jonathan Schwartz
IPC分类号： G06F12/14
CPC分类号： G06F21/51 , G06F21/56
摘要： Systems and methods for validating integrity of an executable file are described. In one aspect, the systems and methods determine that an executable file is being introduced into a path of execution. The executable file is then automatically evaluated in view of multiple malware checks to detect if the executable file represents a type of malware. The multiple malware checks are integrated into an operating system trust verification process along the path of execution.

7. 发明申请

US20060218635A1 Dynamic protection of unpatched machines 有权
公开(公告)号：US20060218635A1
公开(公告)日：2006-09-28
申请号：US11090679
申请日：2005-03-25
申请人： Michael Kramer , Art Shelest , Carl Carter-Schwendler , Gary Henderson , Scott Field , Sterling Reasor
发明人： Michael Kramer , Art Shelest , Carl Carter-Schwendler , Gary Henderson , Scott Field , Sterling Reasor
IPC分类号： G06F12/14
CPC分类号： G06F21/56 , G06F21/57 , H04L41/0659 , H04L41/0816 , H04L63/02 , H04L63/1441 , H04L69/40
摘要： A system and method for protecting a computer system connected to a communication network from a potential vulnerability. The system and method protects a computer system that is about to undergo or has just undergone a change in state that may result in placing the computer system at risk to viruses, and the like, over a communication network. The system and method first detect an imminent or recent change in state. A security component and a fixing component react to the detection of the change in state. The security component may raise the security level to block incoming network information, other than information from a secure or known location, or information requested by the computer system. The fixing component implements a fixing routine, such as installing missing updates or patches, and on successfully completing the fixing routine, the security level is relaxed or lowered.

8. 发明申请

US20060218637A1 System and method of selectively scanning a file on a computing device for malware 有权
标题翻译：有选择地扫描计算设备上的恶意软件文件的系统和方法
公开(公告)号：US20060218637A1
公开(公告)日：2006-09-28
申请号：US11090086
申请日：2005-03-24
申请人： Anil Thomas , Michael Kramer , Scott Field
发明人： Anil Thomas , Michael Kramer , Scott Field
IPC分类号： G06F12/14
CPC分类号： G06F21/51 , G06F21/564
摘要： In accordance with this invention, a system, method, and computer-readable medium that selectively scans files stored on a computing device for malware is provided. One or more files may be sent from a trusted source to a computing device that implements the present invention. The integrity of the files that originate from a trusted source is validated using a signature-based hashing function. Any modifications made to files stored on the computing device are tracked by a component of the operating system. In instances when the file is not modified after being validated, an aspect of the present invention prevents the file from being scanned for malware when a scanning event is directed to the file. As a result, the performance of the computing device is improved as static files from trusted sources are not repeatedly scanned for malware.
摘要翻译：根据本发明，提供了选择扫描存储在计算设备上的用于恶意软件的文件的系统，方法和计算机可读介质。一个或多个文件可以从可信源发送到实现本发明的计算设备。源自可信源的文件的完整性使用基于签名的散列函数进行验证。对存储在计算设备上的文件的任何修改由操作系统的组件跟踪。在文件在被验证之后未被修改的情况下，本发明的一个方面防止当扫描事件被引导到该文件时该文件被扫描恶意软件。因此，由于来自可信源的静态文件不会重复扫描恶意软件，因此计算设备的性能得到改善。

9. 发明申请

US20130117806A1 NETWORK BASED PROVISIONING 审中-公开
标题翻译：基于网络的规定
公开(公告)号：US20130117806A1
公开(公告)日：2013-05-09
申请号：US13292922
申请日：2011-11-09
申请人： Srivatsan Parthasarathy , Scott Field , Joseph Dadzie , David Kays
发明人： Srivatsan Parthasarathy , Scott Field , Joseph Dadzie , David Kays
IPC分类号： G06F21/00 , G06F17/00
CPC分类号： G06F21/53 , G06F21/604
摘要： The subject disclosure generally relates to provisioning devices via a network service, such as a cloud service. A profile component can authenticate a user of a device with a cloud service, and determine services maintained by the network service that are associated with the user. A reception component can receive a request for a set of services from the device, and a services component can obtain the set of services from the network service, and provision the device based on the set of services. Provisioning the device can include downloading the services to the device, or including the services in a virtual machine executing in the network service.
摘要翻译：主题公开通常涉及通过诸如云服务的网络服务来提供设备。配置文件组件可以使用云服务验证设备的用户，并确定网络服务维护的与用户相关联的服务。接收组件可以从设备接收对一组服务的请求，并且服务组件可以从网络服务获得一组服务，并且基于该组服务来提供设备。配置设备可以包括将服务下载到设备，或者将服务包括在网络服务中执行的虚拟机中。

10. 发明申请

US20080022093A1 Integrating security protection tools with computer device integrity and privacy policy 有权
标题翻译：将安全保护工具与计算机设备完整性和隐私政策集成
公开(公告)号：US20080022093A1
公开(公告)日：2008-01-24
申请号：US11472052
申请日：2006-06-20
申请人： Thekkthalackal Varugis Kurien , Jeffrey B. Hamblin , Narasimha Rao Nagampalli , Peter T. Brundrett , Scott Field
发明人： Thekkthalackal Varugis Kurien , Jeffrey B. Hamblin , Narasimha Rao Nagampalli , Peter T. Brundrett , Scott Field
IPC分类号： H04L9/00
CPC分类号： G06F21/50 , G06F21/51 , G06F21/53
摘要： At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.
摘要翻译：在计算机设备上电时，计算机设备的操作系统启动监视器。监视器为在计算机设备上运行的每个程序和对象（统称为“程序”）分配监视程序，以监视程序的活动。当监视程序被分配给程序时，基于应用于监视程序的预定标准，向监视程序分配完整性和/或隐私标签（统称为“完整性标签”）。监控程序又向监控程序监控的程序分配一个完整性标签。分配给被监视程序的完整性标签小于或等于监视程序的完整性标签。监视器基于分配给被监视程序的完整性标签和与监视程序正在寻求访问的数据，另一程序或远程网络资源相关联的完整性标签来强制执行计算机设备的完整性策略。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式