Abstract:
Determining a security policy to apply to access requests to network sites that have not been classified for security risks is accomplished according to user behavior. Past behavior of users and requests to access network sites that are known security risks is recorded. When a user requests access to a site that is not classified for security purposes, a security policy is selected based on one or more users' past behavior. When a user has a history of not accessing sites that pose security risks, a more permissive security policy is set, and when a user has a history of requesting access to sites that do pose security risks, a more restrictive security policy is set. Access requests are tracked, and security policy may be set at a name server that is remote from a user or user's computing system.
Abstract:
Intentionally dropping packets to prevent unauthorized transfer of data through multimedia tunnels is disclosed. A stream of media transport protocol packets is received. One or more packets are dropped intentionally from the stream to render unusable at the destination a file or other data transported through the multimedia tunnel without authorization.
Abstract:
Determining reputation information is disclosed. A honey token is included in online identity data. The honey token is used to monitor for misuse of all or part of the online identity data. Optionally, information associated with at least one use of the honey token is aggregated with other reputation information.
Abstract:
Method and apparatus for peer-to-peer compliancy validation in secure managed networks. Embodiments may provide a peer compliancy mechanism that may augment compliancy control conventionally implemented on one or more trusted servers. Embodiments may enable nodes seeking admission to a secure managed network to communicate with a trusted node or nodes on the secure managed network for at least some compliancy functions including, but not limited to, health validation and remediation, thus reducing the load and reliance on central compliancy servers in the secure managed network.
Abstract:
Reputations of domain registrars are calculated based on the hosting of risky domains. The more undesirable domains a registrar hosts, the lower its reputation. The risk level of the hosted domains is also a factor in determining the reputation. When a user attempts to access a hosted domain, the calculated reputation of the hosting domain registrar is used in determining what security steps to apply to the access attempt. The worse the reputation of the hosting registrar, the more security is applied, all else being equal.
Abstract:
A method makes use of the fact that call modules, such as APIs, making calls to a critical operating system (OS) function are typically called by a call instruction while, in contrast, a RLIBC attack typically uses call modules that are jumped to, returned to, or invoked by some means other than a call instruction. The method includes stalling a call to a critical OS function and checking to ensure that the call module making the call to the critical OS function was called by a call instruction. If it is determined that the call module making the call to the critical OS function was not called by a call instruction, the method further includes taking protective action to protect a computer system.
Abstract:
Various embodiments of a method for detecting a trend in a computer network comprising a plurality of nodes are described. According to one embodiment of the method, network admission control is performed for each node in the network. One or more configuration fingerprints may be created for each node in response to the network admission control for the node, e.g., where the configuration fingerprints for a given node identify selected aspects of the configuration of the node. The method further comprises detecting a trend based on at least a subset of the configuration fingerprints for the nodes. For example, the configuration fingerprints may be analyzed in order to detect trends that indicate security threats.
Abstract:
Method and apparatus for managing digital identities through a single interface is described. One aspect of the invention relates to managing digital identities related to a user. An identity policy of an entity is obtained. At least one relevant digital identity is selected from the digital identities. Each relevant digital identity includes information required by the identity policy. A selected digital identity is obtained from the relevant digital identity or identities. A representation of the selected digital identity is provided to the entity that complies with the identity policy.
Abstract:
A method, apparatus and computer-readable medium for extending the functionality of an operating system is described. The method comprises installing an installable file system as a root file system of the operating system, mounting a default file system of the operating system as a folder accessible by the installable file system and using the installable file system to process data between the operating system and the default file system. The apparatus is a system for extending the functionality of an operating system comprising a computing device comprising a processor and a memory for executing the operating system, wherein the operating system mounts an installable file system other than a default file system of the operating system as a root file system and the installable file system mounts the default file system of the operating system as a folder.
Abstract:
Techniques for identifying malicious downloadable applications are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for identifying malicious downloadable applications comprising receiving a signature of a downloadable application, identifying, using at least one computer processor, a known good application having at least one attribute in common with the downloadable application and having a signature different from the signature of the downloadable application, analyzing the downloadable application to evaluate one or more risk factors based at least in part on the at least one common attribute and the difference in signatures, and determining, based on the evaluated one or more risk factors, one or more responsive actions.