公开(公告)号：US08973678B1

公开(公告)日：2015-03-10

申请号：US11562941

申请日：2006-11-22

申请人： Shaun Cooley ,  Bruce McCorkendale

发明人： Shaun Cooley ,  Bruce McCorkendale

IPC分类号： G06F17/00

CPC分类号： G06F21/56 ,  G06K9/6842 ,  H04L63/1408 ,  H04L63/145

摘要： Misspelled words are identified in incoming email messages. The presence of misspelled words in emails is used to help determine which the emails are spam. Various statistical information concerning the number, prevalence, distribution, etc. of misspelled words in email messages is analyzed to detect spam or other forms of undesirable email, such as phishing emails. In some embodiments, the language in which an email is written is identified in order to aid in the identification of misspelled words. In some embodiments, the analysis of the misspelling information is combined with other techniques used to identify undesirable email.

摘要翻译： 收到的电子邮件中标出拼写错误的单词。 在电子邮件中存在拼写错误的单词用于帮助确定哪些电子邮件是垃圾邮件。 分析关于电子邮件中拼错单词的数量，流行率，分布等的各种统计信息，以检测垃圾邮件或其他形式的不期望的电子邮件，例如网络钓鱼电子邮件。 在一些实施例中，识别写入电子邮件的语言以帮助识别拼写错误的单词。 在一些实施例中，拼写错误信息的分析与用于识别不期望的电子邮件的其他技术相结合。

公开(公告)号：US08910155B1

公开(公告)日：2014-12-09

申请号：US12938039

申请日：2010-11-02

申请人： William E. Sobel ,  Bruce McCorkendale

发明人： William E. Sobel ,  Bruce McCorkendale

IPC分类号： G06F9/455 ,  H04L29/06 ,  G06F17/30 ,  G06F9/445

CPC分类号： G06F9/445 ,  G06F9/455 ,  G06F9/45558 ,  G06F17/30

摘要： A method for inserting endpoint management agents into virtual machines. The method may include 1) identifying a process space of a virtual machine, the process space comprising at least one process of the virtual machine, 2) interrupting the process of the virtual machine by causing execution to transfer from the process of the virtual machine to an agent-insertion module that executes outside the process space of the virtual machine, 3) injecting, via the agent-insertion module, an endpoint management agent into the virtual machine, and 4) performing one or more endpoint management tasks on the virtual machine by causing the endpoint management agent to execute within the process space of the virtual machine. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 将端点管理代理插入虚拟机的方法。 所述方法可以包括：1）识别虚拟机的进程空间，所述处理空间包括所述虚拟机的至少一个进程; 2）通过使执行从所述虚拟机的进程转移到所述虚拟机的进程来中断所述虚拟机的进程 在虚拟机的处理空间外执行的代理插入模块，3）通过代理插入模块将端点管理代理注入虚拟机，以及4）在虚拟机上执行一个或多个端点管理任务 通过使端点管理代理在虚拟机的进程空间内执行。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08726386B1

公开(公告)日：2014-05-13

申请号：US13422702

申请日：2012-03-16

申请人： Bruce McCorkendale ,  Xue Feng Tian ,  Sheng Gong ,  Xiaole Zhu ,  Jun Mao ,  Qingchun Meng ,  Guilin Hu ,  Ge Hua Huang

发明人： Bruce McCorkendale ,  Xue Feng Tian ,  Sheng Gong ,  Xiaole Zhu ,  Jun Mao ,  Qingchun Meng ,  Guilin Hu ,  Ge Hua Huang

IPC分类号： G06F11/00

CPC分类号： G06F21/629 ,  G06F21/554 ,  H04W12/12

摘要： A computer-implemented method for detecting malware may include 1) identifying an application configured to use a permission on a mobile computing platform, the permission enabling the application to access a feature of the mobile computing platform, 2) determining that the application is configured to use the permission while executing as a background application on the mobile computing platform, 3) determining that the use of the permission is suspect based on the application being configured to use the permission while executing as the background application, and 4) performing a remediation action in response to determining that the use of the permission is suspect. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 用于检测恶意软件的计算机实现的方法可以包括：1）识别配置为在移动计算平台上使用许可的应用，允许应用访问移动计算平台的特征的许可，2）确定应用被配置为 在所述移动计算平台上作为后台应用程序执行时，使用所述权限; 3）根据所述应用被配置为在执行所述后台应用时使用所述权限，确定所述权限的使用是可疑的，以及4）执行修复动作 以确定使用权限是可疑的。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08566899B2

公开(公告)日：2013-10-22

申请号：US13049480

申请日：2011-03-16

申请人： Bruce McCorkendale ,  William E. Sobel ,  Matthew R. Barnes

发明人： Bruce McCorkendale ,  William E. Sobel ,  Matthew R. Barnes

IPC分类号： G06F7/04 ,  G06F15/16 ,  G06F17/30

CPC分类号： G06F21/57 ,  G06F9/452 ,  G06F9/45558 ,  G06F21/53

摘要： Techniques for securing checked-out virtual machines in a virtual desktop infrastructure (VDI) are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for securing a checked-out guest virtual machine including receiving a request for checking-out a guest virtual machine hosted by a server network element, wherein checking-out the guest virtual machine comprises transferring hosting of the guest virtual machine from the server network element to a client network element. The method for securing a checked-out guest virtual machines may also include configuring a security module for the guest virtual machine in order to secure the guest virtual machine and providing the security module to the guest virtual machine when the guest virtual machine is checked-out.

摘要翻译： 公开了在虚拟桌面基础设施（VDI）中确保检出的虚拟机的技术。 在一个特定的示例性实施例中，这些技术可以被实现为用于保护被检出的客户虚拟机的方法，包括接收由服务器网络元件托管的访客虚拟机的检出请求，其中，检出来宾虚拟机 包括将来宾虚拟机的主机从服务器网络元件传送到客户端网络元件。 用于保护签出来宾虚拟机的方法还可以包括：为访客虚拟机配置安全模块，以便在访客虚拟机被检出时保护访客虚拟机并将该安全模块提供给客体虚拟机 。

公开(公告)号：US08429180B1

公开(公告)日：2013-04-23

申请号：US12058941

申请日：2008-03-31

申请人： William E. Sobel ,  Bruce McCorkendale

发明人： William E. Sobel ,  Bruce McCorkendale

IPC分类号： G06F17/30 ,  G06F11/00

CPC分类号： G06F21/55 ,  G06F21/56 ,  H04L63/101 ,  H04L63/1425

摘要： A computer, computer program product, and method identify potentially malicious remote objects using client cooperation. A remote object access module detects client device access of a remote object instance, and an object analysis system identifies an associated location, creates a content identification value for the instance, compares it to stored content identification values for previous instances, and if anomalous, analyzes the stored content identification values to determine whether malicious. The remote object access module monitors actual traffic received by the client, and stores the information across multiple clients for comparison, allowing more accurate detection of malicious remote objects than traditional web crawling.

摘要翻译： 计算机，计算机程序产品和方法使用客户端合作识别潜在的恶意远程对象。 远程对象访问模块检测远程对象实例的客户端设备访问，并且对象分析系统识别相关联的位置，为该实例创建内容标识值，将其与先前实例的存储内容标识值进行比较，以及如果异常分析 存储的内容标识值是否是恶意的。 远程对象访问模块监视客户端接收到的实际流量，并将信息存储在多个客户端进行比较，从而比传统的网络爬网更准确地检测恶意远程对象。

公开(公告)号：US08402528B1

公开(公告)日：2013-03-19

申请号：US10914861

申请日：2004-08-09

申请人： Bruce McCorkendale ,  William E. Sobel

发明人： Bruce McCorkendale ,  William E. Sobel

IPC分类号： G06F9/00 ,  G06F15/16 ,  G06F17/00

CPC分类号： G06F21/85 ,  G06F8/65 ,  H04L63/0227 ,  H04L63/145

摘要： A computer is especially vulnerable when connected to a network while software on the computer is in an unpatched state. A portable firewall adapter is installed inline between the computer having the unpatched software and a network. A firewall within the adapter enforces a security policy that protects the computer from attack via the network. The adapter allows the computer to be connected to the network in order to download patches and/or other software that cure the vulnerabilities on the computer.

摘要翻译： 当计算机上的软件处于未打包状态时，计算机连接到网络时尤其容易受到攻击。 在具有未打补丁的软件和网络的计算机之间内置安装便携式防火墙适配器。 适配器中的防火墙执行安全策略，保护计算机免受网络的攻击。 适配器允许计算机连接到网络，以便下载修补程序和/或其他可以修复计算机上的漏洞的软件。

公开(公告)号：US08402458B1

公开(公告)日：2013-03-19

申请号：US12406324

申请日：2009-03-18

申请人： Bruce McCorkendale ,  William E. Sobel

发明人： Bruce McCorkendale ,  William E. Sobel

IPC分类号： G06F9/445 ,  G06F9/455

CPC分类号： G06F9/44552 ,  G06F9/44521

摘要： A method may include receiving a request to convert a non-layered installation of a software application into a layered installation of the software application. The method may also include determining a base location of at least one file associated with the non-layered installation of the software application. The method may further include creating the layered installation of the software application by transitioning the at least one file from the base location to a virtualization layer. Various other methods, systems, and computer-readable-media are also disclosed.

摘要翻译： 方法可以包括接收将软件应用程序的非分层安装转换为软件应用程序的分层安装的请求。 该方法还可以包括确定与软件应用的非分层安装相关联的至少一个文件的基本位置。 该方法还可以包括通过将至少一个文件从基本位置转换到虚拟化层来创建软件应用程序的分层安装。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US20120254380A1

公开(公告)日：2012-10-04

申请号：US13074850

申请日：2011-03-29

申请人： William E. Sobel ,  Bruce McCorkendale

发明人： William E. Sobel ,  Bruce McCorkendale

IPC分类号： G06F15/177 ,  G06F15/173

CPC分类号： G06F9/44505

摘要： Configuration elements are selectively propagated between a host and multiple guests, based on a policy. Configuration elements of the host and guests are monitored. Changes made to monitored configuration elements are detected. It is determined whether to propagate changed configuration elements between operating system environments based on the policy. It can be determined to propagate changed configuration element(s) from a source to one or more destinations in response to factors such as the identity and/or classification of the source, or the type, attribute(s), content and/or identity of the changed configuration element(s). The creation of new guests is detected. In response, at least one configuration element from at least one source is automatically propagated to a newly created guest.

摘要翻译： 基于策略，配置元素在主机和多个客户端之间选择性地传播。 监控主机和客户端的配置元素。 检测到对受监视的配置元素进行的更改。 根据策略确定是否在操作系统环境之间传播已更改的配置元素。 响应于诸如源的身份和/或分类或类型，属性，内容和/或身份的因素，可以确定将更改的配置元素从源传播到一个或多个目的地 的更改的配置元素。 检测到新客人的创建。 作为响应，来自至少一个源的至少一个配置元素被自动传播到新创建的访客。

公开(公告)号：US08225053B1

公开(公告)日：2012-07-17

申请号：US12004865

申请日：2007-12-21

申请人： Bruce McCorkendale ,  Mark W. Spiegel ,  Paul Agbabian ,  Shaun Cooley

发明人： Bruce McCorkendale ,  Mark W. Spiegel ,  Paul Agbabian ,  Shaun Cooley

IPC分类号： G06F12/00

CPC分类号： G06F12/08 ,  G06F12/126 ,  G06F2212/1016

摘要： A method and apparatus for mitigating the performance impact of background or idle time processing during interactive computing sessions. One embodiment of the present invention is a method for mitigating performance impact of background or idle time processing on interactive applications comprising identifying executable and data pages in physical memory that are associated with an interactive application that is temporarily unused and preventing any of the identified executable and data pages from paging out.

摘要翻译： 一种用于在交互式计算会话期间减轻背景或空闲时间处理的性能影响的方法和装置。 本发明的一个实施例是一种用于减轻背景或空闲时间处理对交互式应用的性能影响的方法，包括识别物理存储器中与临时未使用的交互式应用相关联的可执行文件和数据页面，并防止所识别的可执行文件和 数据页从寻呼出来。

公开(公告)号：US08170549B1

公开(公告)日：2012-05-01

申请号：US12724316

申请日：2010-03-15

申请人： Bruce McCorkendale ,  Shaun Cooley

发明人： Bruce McCorkendale ,  Shaun Cooley

IPC分类号： H04W4/12

CPC分类号： H04W4/16 ,  H04M3/42 ,  H04M3/42229 ,  H04M3/42348 ,  H04W4/029 ,  H04W4/12

摘要： Electronic communication messages are routed according to a user's current physical location and the physical locations of communication devices. A plurality of communication devices such as telephones and computers are associated with the user. The physical locations of the plurality of communication devices are tracked. The current physical location of the user is also tracked in real-time. Incoming communication messages to the user and outgoing communication messages from the user are routed according to routing preferences based on at least the current physical location of the user and physical locations of at least one of the communication devices.

摘要翻译： 电子通信消息根据用户的当前物理位置和通信设备的物理位置进行路由。 诸如电话和计算机的多个通信设备与用户相关联。 跟踪多个通信设备的物理位置。 用户的当前物理位置也被实时跟踪。 至少基于用户的当前物理位置和至少一个通信设备的物理位置，根据路由选择路由来自用户的传入通信消息和来自用户的传出通信消息。