-
1.发明授权Balancing malware rootkit detection with power consumption on mobile devices 有权在移动设备上平衡恶意软件rootkit检测功耗公开(公告)号:US08566935B2
公开(公告)日:2013-10-22
申请号:US13106479
申请日:2011-05-12
申请人: Horacio Andres Lagar-Cavilla , Jeffrey Bickford , Vinod Ganapathy , Liviu Iftode , Alexander Varshavsky
发明人: Horacio Andres Lagar-Cavilla , Jeffrey Bickford , Vinod Ganapathy , Liviu Iftode , Alexander Varshavsky
CPC分类号: G06F21/56 , G06F21/577 , G06F21/81 , H04W12/12 , Y02D70/1224 , Y02D70/142 , Y02D70/144 , Y02D70/164
摘要: The subject disclosure presents a novel technique for balancing the tradeoff between security monitoring and energy consumption on mobile devices. Security/energy tradeoffs for host-based detectors focusing on rootkits are analyzed along two axes: a scanning frequency, and a surface of attack. Experimental results are applied to a hypervisor-based framework, and a sweet spot is identified to minimize both energy consumption and a window of vulnerability for critical operating system objects such as code pages and kernel data.
摘要翻译: 该主题公开提出了一种用于平衡移动设备上的安全监控和能量消耗之间的权衡的新颖技术。 主要针对rootkit的主机检测器的安全/能量权衡分析了两个轴:扫描频率和攻击面。 实验结果应用于基于虚拟机管理程序的框架,并且确定了一个最佳点,以最小化关键操作系统对象(如代码页和内核数据)的能耗和脆弱性窗口。
-
2.发明申请Balancing Malware Rootkit Detection with Power Consumption on Mobile Devices 有权在移动设备上平衡恶意软件Rootkit检测功耗公开(公告)号:US20120291126A1
公开(公告)日:2012-11-15
申请号:US13106479
申请日:2011-05-12
申请人: Horacio Andres Lagar-Cavilla , Jeffrey Bickford , Vinod Ganapathy , Liviu Iftode , Alexander Varshavsky
发明人: Horacio Andres Lagar-Cavilla , Jeffrey Bickford , Vinod Ganapathy , Liviu Iftode , Alexander Varshavsky
IPC分类号: G06F21/00
CPC分类号: G06F21/56 , G06F21/577 , G06F21/81 , H04W12/12 , Y02D70/1224 , Y02D70/142 , Y02D70/144 , Y02D70/164
摘要: The subject disclosure presents a novel technique for balancing the tradeoff between security monitoring and energy consumption on mobile devices. Security/energy tradeoffs for host-based detectors focusing on rootkits are analyzed along two axes: a scanning frequency, and a surface of attack. Experimental results are applied to a hypervisor-based framework, and a sweet spot is identified to minimize both energy consumption and a window of vulnerability for critical operating system objects such as code pages and kernel data.
摘要翻译: 该主题公开提出了一种用于平衡移动设备上的安全监控和能量消耗之间的权衡的新颖技术。 主要针对rootkit的主机检测器的安全/能量权衡分析了两个轴:扫描频率和攻击面。 实验结果应用于基于虚拟机管理程序的框架,并且确定了一个最佳点,以最小化关键操作系统对象(如代码页和内核数据)的能耗和脆弱性窗口。
-
公开(公告)号:US20130019306A1
公开(公告)日:2013-01-17
申请号:US13180851
申请日:2011-07-12
IPC分类号: G06F12/14
CPC分类号: G06F21/566
摘要: Remote assistance is provided to a mobile device across a network to enable malware detection. The mobile device transmits potentially infected memory pages to a remote server across a network. The remote server performs analysis, and provides feedback to the mobile device. Based on the received feedback, the mobile device halts a process, or retrieves and transmits additional memory pages to the remote server for more analysis. This process is repeated until a compromised region of memory is identified and/or isolated for further repair to be performed. The feedback from the remote server reduces the processing and storage burden on the mobile device, resulting in a more reliable detection that uses fewer resources. Embodiments including hypervisors and virtual machines are disclosed.
摘要翻译: 通过网络向移动设备提供远程协助,以实现恶意软件检测。 移动设备通过网络将可能感染的内存页面传输到远程服务器。 远程服务器执行分析,并向移动设备提供反馈。 基于收到的反馈,移动设备停止进程,或者检索和发送附加的内存页面到远程服务器进行更多的分析。 重复该过程,直到识别和/或隔离存储器的受损区域以进行进一步修复。 来自远程服务器的反馈减少了移动设备的处理和存储负担,从而导致使用较少资源的更可靠的检测。 公开了包括管理程序和虚拟机的实施例。
-
公开(公告)号:US08584242B2
公开(公告)日:2013-11-12
申请号:US13180851
申请日:2011-07-12
IPC分类号: G06F11/00
CPC分类号: G06F21/566
摘要: Remote assistance is provided to a mobile device across a network to enable malware detection. The mobile device transmits potentially infected memory pages to a remote server across a network. The remote server performs analysis, and provides feedback to the mobile device. Based on the received feedback, the mobile device halts a process, or retrieves and transmits additional memory pages to the remote server for more analysis. This process is repeated until a compromised region of memory is identified and/or isolated for further repair to be performed. The feedback from the remote server reduces the processing and storage burden on the mobile device, resulting in a more reliable detection that uses fewer resources. Embodiments including hypervisors and virtual machines are disclosed.
摘要翻译: 通过网络向移动设备提供远程协助,以实现恶意软件检测。 移动设备通过网络将可能感染的内存页面传输到远程服务器。 远程服务器执行分析,并向移动设备提供反馈。 基于收到的反馈,移动设备停止进程,或者检索和发送附加的内存页面到远程服务器进行更多的分析。 重复该过程,直到识别和/或隔离存储器的受损区域以进行进一步修复。 来自远程服务器的反馈减少了移动设备的处理和存储负担,从而导致使用较少资源的更可靠的检测。 公开了包括管理程序和虚拟机的实施例。
-
公开(公告)号:US20140040206A1
公开(公告)日:2014-02-06
申请号:US13565494
申请日:2012-08-02
申请人: Kadangode K. Ramakrishnan , Horacio Andres Lagar-Cavilla , Prashant Shenoy , Jacobus Van der Merwe , Timothy Wood
发明人: Kadangode K. Ramakrishnan , Horacio Andres Lagar-Cavilla , Prashant Shenoy , Jacobus Van der Merwe , Timothy Wood
CPC分类号: G06F11/2097 , G06F11/2094 , G06F2201/82
摘要: Pipelined data replication for disaster recovery is disclosed. An example pipelined data replication method for disaster recovery disclosed herein comprises sending replicated first data from a primary processing environment to a secondary processing environment for backup by the secondary processing environment, the replicated first data being a replica of first data in the primary processing environment, processing the first data in the primary processing environment prior to the backup of the replicated first data by the secondary processing environment being confirmed, and preventing a result of the processing of the first data from being released by the primary processing environment until the backup of the replicated first data by the secondary processing environment is confirmed.
摘要翻译: 披露了用于灾难恢复的流水线数据复制。 本文所公开的用于灾难恢复的流水线数据复制方法包括:将复制的第一数据从主处理环境发送到辅助处理环境以供辅助处理环境备份,复制的第一数据是主处理环境中的第一数据的副本, 在正在确认的辅助处理环境备份复制的第一数据之前在主处理环境中处理第一数据,并且防止第一数据的处理结果被主处理环境释放直到备份 确认了由二次处理环境复制的第一数据。
-
公开(公告)号:US10152398B2
公开(公告)日:2018-12-11
申请号:US13565494
申请日:2012-08-02
申请人: Kadangode K. Ramakrishnan , Horacio Andres Lagar-Cavilla , Prashant Shenoy , Jacobus Van der Merwe , Timothy Wood
发明人: Kadangode K. Ramakrishnan , Horacio Andres Lagar-Cavilla , Prashant Shenoy , Jacobus Van der Merwe , Timothy Wood
摘要: Pipelined data replication for disaster recovery is disclosed. An example pipelined data replication method for disaster recovery disclosed herein comprises sending replicated first data from a primary processing environment to a secondary processing environment for backup by the secondary processing environment, the replicated first data being a replica of first data in the primary processing environment, processing the first data in the primary processing environment prior to the backup of the replicated first data by the secondary processing environment being confirmed, and preventing a result of the processing of the first data from being released by the primary processing environment until the backup of the replicated first data by the secondary processing environment is confirmed.
-
7.发明授权公开(公告)号:US09250969B2
公开(公告)日:2016-02-02
申请号:US13220972
申请日:2011-08-30
申请人: Horacio Andres Lagar-Cavilla , Roy Bryant , Matti Hiltunen , Olga Irzak , Kaustubh Joshi , Adin Matthew Scannell , Alexey Tumanov , Eyal de Lara
发明人: Horacio Andres Lagar-Cavilla , Roy Bryant , Matti Hiltunen , Olga Irzak , Kaustubh Joshi , Adin Matthew Scannell , Alexey Tumanov , Eyal de Lara
CPC分类号: G06F9/5016 , G06F9/5077
摘要: Methods and apparatus are disclosed to provision virtual machine resources. An example method includes labeling a copy of memory associated with an established virtual machine with an execution status based on an architecture type associated with the copy, and constraining a fetch operation in response to a page fault to a labeled portion of the copy that matches an architecture type of a received processor instruction.
摘要翻译: 公开了提供虚拟机资源的方法和装置。 示例性方法包括:基于与该副本相关联的架构类型,将具有执行状态的已建立的虚拟机相关联的存储器的副本标记,以及响应于页面错误将获取操作约束到与 接收到的处理器指令的架构类型。
-
公开(公告)号:US08611213B1
公开(公告)日:2013-12-17
申请号:US13486574
申请日:2012-06-01
IPC分类号: G06F11/00
CPC分类号: H04W72/1242 , H04W52/0216 , H04W52/0219 , Y02D70/1224 , Y02D70/1242 , Y02D70/1244 , Y02D70/1246 , Y02D70/1262 , Y02D70/1264 , Y02D70/142 , Y02D70/144 , Y02D70/146 , Y02D70/164
摘要: The disclosed subject matter relates to an architecture that can opportunistically leverage existing periods of inactivity or low activity for sending data at virtually no marginal cost. In particular, the architecture can receive data that is to be transmitted over a communications network. The data can be examined to determine whether or not the data is delay-tolerant. If so, then such data can be stored to a staging queue. The data can then be transmitted at a later time, particularly during a high-energy state facilitated by a different data transaction, but for which there are inactive or low-activity times.
摘要翻译: 所公开的主题涉及一种架构,其可以机会地利用现有的不活动时段或低活动以几乎不产生边际成本发送数据。 特别地,该体系结构可以接收将通过通信网络发送的数据。 可以检查数据以确定数据是否具有延迟容限。 如果是这样,则可以将这样的数据存储到分段队列。 然后可以在稍后的时间,特别是在由不同的数据事务促进的高能量状态下进行数据传输,但是对于该数据有无效或低活动时间。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.024 秒)
