公开(公告)号：US08341740B2

公开(公告)日：2012-12-25

申请号：US12124431

申请日：2008-05-21

申请人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

发明人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： G06F21/00

CPC分类号： H04L63/1416

摘要： Malware detection systems are presented in which a list is constructed of enterprise hosts to or from which each given enterprise network host sends or receives packets within a current measurement period and statistics are accumulated based on two or more measurement period lists, with a count value being derived from the statistics to indicate the number of other hosts to or from which each monitored host sent or received packets, and one or more monitored hosts may be identified as suspected of being infected with slow and/or distributed scanning malware for which the count value exceeds a threshold value.

摘要翻译： 提供了恶意软件检测系统，其中列表是由企业主机构成的，每个企业主机在每个给定的企业网络主机在当前测量周期内发送或接收分组，并且基于两个或更多个测量周期列表累积统计信息，计数值为 从统计信息中导出，以指示每个受监视主机发送或接收的数据包的其他主机的数量，以及一个或多个受监视主机可能被识别为怀疑被慢扫描和/或分布式扫描恶意软件感染，计数值 超过阈值。

公开(公告)号：US20050021966A1

公开(公告)日：2005-01-27

申请号：US10478696

申请日：2002-06-10

申请人： Stanley Chow ,  Harold Johnson

发明人： Stanley Chow ,  Harold Johnson

IPC分类号： G06F21/14 ,  G06F21/16 ,  G06F21/62 ,  H04L9/00

CPC分类号： G06F21/14 ,  G06F21/10 ,  G06F21/16 ,  G06F2221/0733 ,  G06F2221/0737

摘要： Digital marks (so-called fingerprints and watermarks) serve two basic purposes: (1) Investigative: the owner reads a fingerprint to determine how the marked entity leaked; and (2) Legal: the owner must prove in court that (a) there is a watermark (a concealed copyright message), and (b) it is the owner's. The main difficulty of item (2) is that the first use of the watermark software reveals the watermarking method to the public so that hostile parties are equipped to remove or damage its watermarks. The invention uses tamper-resistant software encoding techniques to protect the digital mark extractor algorithm, frustrating the attacks of hostile parties in two ways: the resulting code is obscure (that is, its inner workings are incomprehensible; and chaotic (that is, a modification at any point will almost certainly produce a nonsense program.

摘要翻译： 数字标记（所谓的指纹和水印）有两个基本用途：（1）调查：所有者读取指纹以确定标记实体如何泄露; 和（2）法律：业主必须在法庭上证明（a）有水印（隐藏的版权信息），和（b）是所有者。 项目（2）的主要困难在于，首先使用水印软件向公众揭示水印方法，以便敌对方配备去除或损坏其水印。 本发明使用防篡改软件编码技术来保护数字标记提取器算法，以两种方式挫败敌对方的攻击：所产生的代码是模糊的（即它的内部工作是不可理解的;和混乱的（即修改 在任何时候几乎肯定会产生一个废话的程序。