公开(公告)号：US08667592B2

公开(公告)日：2014-03-04

申请号：US13048380

申请日：2011-03-15

申请人： William E. Sobel ,  Sourabh Satish

发明人： William E. Sobel ,  Sourabh Satish

IPC分类号： G06F11/00

CPC分类号： G06F21/564

摘要： A computer-implemented method for looking up anti-malware metadata may include identifying a plurality of executable objects to be scanned for malware before execution. The computer-implemented method may also include, for each executable object within the plurality of executable objects, assessing an imminence of execution of the executable object. The computer-implemented method may further include prioritizing, based on the assessments, a retrieval order for anti-malware metadata corresponding to the plurality of executable objects. The computer-implemented method may additionally include retrieving anti-malware metadata corresponding to an executable object within the plurality of executable objects based on the retrieval order. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 用于查找反恶意软件元数据的计算机实现的方法可以包括在执行之前识别要扫描恶意软件的多个可执行对象。 对于多个可执行对象中的每个可执行对象，计算机实现的方法还可以包括执行可执行对象的即将来临。 计算机实现的方法还可以包括基于评估来优先考虑与多个可执行对象相对应的反恶意软件元数据的检索顺序。 计算机实现的方法可以另外包括基于检索顺序检索对应于多个可执行对象内的可执行对象的反恶意软件元数据。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08600995B1

公开(公告)日：2013-12-03

申请号：US13358396

申请日：2012-01-25

申请人： Sourabh Satish ,  Bruce McCorkendale

发明人： Sourabh Satish ,  Bruce McCorkendale

IPC分类号： G06F17/30

CPC分类号： G06F17/30017 ,  G06Q10/00 ,  G06Q10/06

摘要： The role of a user within an organization is automatically determined based on the classification of applications and content on the user's computer. Applications and files installed on a user's computer are identified. Identified applications and files that are not indicative of the role of the user within the organization are filtered out. The non-filtered out applications are functionally classified according to associated roles within the organization, based on predetermined functional classification information. The non-filtered out files are also functionally classified, based on predetermined functional classification information concerning types of files associated with specific organizational roles. The content of files that are of types not indicative of the user's organizational role can be analyzed, and these files can be functionally classified based on their content. The functional classifications are used in determining the role of the user.

摘要翻译： 用户在组织内的角色将根据用户计算机上的应用程序和内容的分类自动确定。 识别安装在用户计算机上的应用程序和文件。 识别出的不是用户在组织内的角色的应用程序和文件被过滤掉。 基于预定的功能分类信息，未过滤的应用程序根据组织内的相关角色进行功能分类。 基于关于与特定组织角色相关联的文件类型的预定功能分类信息，未过滤掉的文件也被功能分类。 可以分析不指示用户组织角色的类型的文件的内容，并且可以基于其内容对这些文件进行功能分类。 功能分类用于确定用户的角色。

公开(公告)号：US08566401B1

公开(公告)日：2013-10-22

申请号：US11644511

申请日：2006-12-22

申请人： Brian Hernacki ,  Sourabh Satish

发明人： Brian Hernacki ,  Sourabh Satish

IPC分类号： G06F15/16

CPC分类号： G06Q10/107 ,  H04L51/00 ,  H04L51/12 ,  H04L51/14

摘要： A method and apparatus for enabling e-mail routing and filtering based on dynamic identities is presented. In one embodiment, the method includes provisioning a new e-mail address, and notifying an e-mail backend of the provisioned address wherein the provisioned address includes a list of authorized senders.

摘要翻译： 提出了一种基于动态身份实现电子邮件路由和过滤的方法和装置。 在一个实施例中，该方法包括提供新的电子邮件地址，以及通知电子邮件后端所提供的地址，其中所提供的地址包括授权发送者的列表。

公开(公告)号：US08533831B2

公开(公告)日：2013-09-10

申请号：US12830084

申请日：2010-07-02

申请人： Sourabh Satish

发明人： Sourabh Satish

IPC分类号： G06F21/00

CPC分类号： G06F21/75 ,  G06F21/52 ,  G06F21/566

摘要： A computer-implemented method for alternating malware classifiers in an attempt to frustrate brute-force malware testing may include (1) providing a group of heuristic-based classifiers for detecting malware, wherein each classifier within the group differs from all other classifiers within the group but has an accuracy rate that is substantially similar to all other classifiers within the group, (2) including the group of classifiers within a security-software product, and (3) alternating the security-software product's use of the classifiers within the group in an attempt to frustrate brute-force malware testing by (a) randomly selecting and activating an initial classifier from within the group and then, upon completion of a select interval, (b) replacing the initial classifier with an additional classifier randomly selected from within the group. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 用于交替恶意软件分类器以试图挫败暴力恶意软件测试的计算机实现的方法可以包括（1）提供一组用于检测恶意软件的基于启发式的分类器，其中组内的每个分类器与组内的所有其他分类器不同 但是具有与组内的所有其他分类器基本相似的准确率，（2）包括安全软件产品内的分类器组，以及（3）交替安全软件产品在组内的分类器的使用 试图通过（a）从组内随机选择和激活初始分类器，然后在完成选择间隔之后，（b）用从其内部随机选择的附加分类器替换初始分类器来挫败强力恶意软件测试 组。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08499063B1

公开(公告)日：2013-07-30

申请号：US12059258

申请日：2008-03-31

申请人： Sourabh Satish ,  William E. Sobel

发明人： Sourabh Satish ,  William E. Sobel

IPC分类号： G06F15/173

CPC分类号： G06F21/552 ,  G06F8/62 ,  G06F11/3419 ,  G06F2201/81 ,  G06F2201/86 ,  G06F2201/865 ,  G06F2221/2135

摘要： Installation events associated with a software application are received from a plurality of clients. A rate at which the software application was uninstalled on the plurality of clients is determined based on the installation events. A reputation score is generated based on the rate at which the software application was uninstalled on the plurality of clients. A reputation score is generated for the software application responsive to the installation event and the performance data. The reputation score storied in association with the software application.

摘要翻译： 从多个客户端接收与软件应用相关联的安装事件。 基于安装事件确定在多个客户端上卸载软件应用程序的速率。 基于在多个客户端上卸载软件应用程序的速率生成信誉分数。 响应于安装事件和性能数据，为软件应用程序生成声誉分数。 信誉评分与软件应用程序相关联。

公开(公告)号：US08468608B1

公开(公告)日：2013-06-18

申请号：US12414466

申请日：2009-03-30

申请人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F7/04

CPC分类号： G06F21/10 ,  G06F2221/0728

摘要： A DRM server parses a request received from a client for a content identifier and client classification information. The content identifier identifies the requested content and client classification information describes the capabilities of the client. The DRM server determines a policy for the requested content. The policy specifies rules for determining access rights for the content responsive to the capabilities of the client. The DRM server determines access rights for the requested content responsive to the capabilities of the client and the policy. The DRM manager then provides the requested content and the determined access rights to the client.

摘要翻译： DRM服务器解析从客户端接收到的用于内容标识符和客户端分类信息的请求。 内容标识符识别所请求的内容，并且客户端分类信息描述客户端的能力。 DRM服务器确定所请求内容的策略。 该策略指定响应于客户端的能力确定内容的访问权限的规则。 响应于客户端的能力和策略，DRM服务器确定所请求的内容的访问权限。 然后，DRM管理器向客户端提供所请求的内容和确定的访问权限。

公开(公告)号：US08424007B1

公开(公告)日：2013-04-16

申请号：US12242685

申请日：2008-09-30

申请人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F9/46

CPC分类号： G06F9/4881 ,  G06F9/485 ,  G06F2209/503

摘要： A computer-implemented method for prioritizing virtual machine tasks may include receiving a request to perform a first task from a virtual machine. The request may include information relevant to determining a priority of the task. The method may include determining the priority of the task based on the information. The method may further include scheduling the first task based on the priority of the task. The method may include selecting the first task for execution based on the scheduling. The method may include notifying the virtual machine that the first task has been selected for execution. Various related methods, computer-readable media, and systems are also disclosed.

摘要翻译： 用于对虚拟机任务进行优先级的计算机实现的方法可以包括从虚拟机接收执行第一任务的请求。 该请求可以包括与确定任务的优先级有关的信息。 该方法可以包括基于该信息确定任务的优先级。 该方法还可以包括基于任务的优先级调度第一任务。 该方法可以包括基于调度来选择用于执行的第一任务。 该方法可以包括通知虚拟机第一任务已经被选择用于执行。 还公开了各种相关方法，计算机可读介质和系统。

公开(公告)号：US08401982B1

公开(公告)日：2013-03-19

申请号：US12687767

申请日：2010-01-14

申请人： Sourabh Satish ,  Zulfikar Ramzan

发明人： Sourabh Satish ,  Zulfikar Ramzan

IPC分类号： G06F11/00 ,  G06F15/18

CPC分类号： G06F21/566 ,  G06N99/005

摘要： A decision tree for classifying computer files is constructed. A set of training files known to be legitimate or malicious are executed and their runtime behaviors are monitored. When a behavior event is detected for one of the training file at a point in time, a feature vector is generated for that training file. Behavior sequencing and timing information for the training file at that point in time is identified and encoded in the feature vector. Feature vectors for each of the training files at various points in time are fed into a decision tree induction algorithm to construct a decision tree that takes into account of the sequencing and timing information.

摘要翻译： 构建了用于分类计算机文件的决策树。 一组已知是合法或恶意的训练文件被执行，并监视其运行时行为。 当在某个时间点检测到训练文件之一的行为事件时，为该训练文件生成特征向量。 在该时间点的训练文件的行为排序和定时信息被识别并在特征向量中编码。 将不同时间点的每个训练文件的特征向量馈送到决策树感应算法中，以构建考虑到排序和定时信息的决策树。

公开(公告)号：US08370926B1

公开(公告)日：2013-02-05

申请号：US12768157

申请日：2010-04-27

申请人： Sourabh Satish

发明人： Sourabh Satish

IPC分类号： G06F7/04 ,  G06F12/00

CPC分类号： G06F21/36

摘要： A computer-implemented method for authenticating users may include identifying an image associated with a user for mutual assurance during an authentication process. The computer-implemented method may also include modifying the image based on a prompt message to create a modified image that displays the prompt message. The computer-implemented method may further include determining that user input comprises an expected response to the prompt message. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 用于认证用户的计算机实现的方法可以包括在认证过程期间识别与用户相关联的图像以进行相互保证。 计算机实现的方法还可以包括基于提示消息修改图像以创建显示提示消息的修改图像。 计算机实现的方法还可以包括确定用户输入包括对提示消息的预期响应。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08332570B1

公开(公告)日：2012-12-11

申请号：US12242734

申请日：2008-09-30

申请人： Randall R. Cook ,  Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Randall R. Cook ,  Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F12/02 ,  G06F9/455

CPC分类号： G06F3/0613 ,  G06F3/0646 ,  G06F3/0676 ,  G06F9/45558 ,  G06F2009/45579 ,  G06F2206/1004

摘要： A computer-implemented method for defragmenting virtual machine prefetch data. The method may include obtaining prefetch information associated with prefetch data of a virtual machine. The method may also include defragmenting, based on the prefetch information, the prefetch data on physical storage. The prefetch information may include a starting location and length of the prefetch data on a virtual disk. The prefetch information may include a geometry specification of the virtual disk. Defragmenting on physical storage may include placing the prefetch data contiguously on physical storage, placing the prefetch data in a fast-access segment of physical storage, and/or ordering the prefetch data according to the order in which it is accessed at system or application startup.

摘要翻译： 用于对虚拟机预取数据进行碎片整理的计算机实现的方法。 该方法可以包括获得与虚拟机的预取数据相关联的预取信息。 该方法还可以包括基于预取信息对物理存储器上的预取数据进行碎片整理。 预取信息可以包括虚拟磁盘上的预取数据的起始位置和长度。 预取信息可以包括虚拟磁盘的几何规格。 物理存储上的碎片整理可能包括将预取数据连续地放置在物理存储上，将预取数据放置在物理存储的快速访问段中，和/或根据系统或应用程序启动时访问顺序对预取数据进行排序 。