公开(公告)号：US08935677B2

公开(公告)日：2015-01-13

申请号：US12098496

申请日：2008-04-07

申请人： Weidong Cui ,  Marcus Peinado ,  Karl Chen ,  Jiahe Helen Wang ,  Luis Irun-Briz

发明人： Weidong Cui ,  Marcus Peinado ,  Karl Chen ,  Jiahe Helen Wang ,  Luis Irun-Briz

IPC分类号： G06F9/44 ,  G06F9/45

CPC分类号： G06F8/53

摘要： Systems and methods for automatically reverse engineering an input data format using dynamic data flow analysis. Combining input data with a simulated execution of the binary program using the input data and analyzing the use of the data by the program to generate a BNL-like grammar representing the input data format. The input data can be application level protocols, network protocols or formatted files.

摘要翻译： 使用动态数据流分析自动逆向工程输入数据格式的系统和方法。 将输入数据与使用输入数据的二进制程序的模拟执行相结合，并通过程序分析数据的使用，以生成表示输入数据格式的类BNL语法。 输入数据可以是应用级协议，网络协议或格式化文件。

公开(公告)号：US08307443B2

公开(公告)日：2012-11-06

申请号：US11863870

申请日：2007-09-28

申请人： Jiahe Helen Wang ,  Jacob R. Lorch ,  Bryan Jeffrey Parno

发明人： Jiahe Helen Wang ,  Jacob R. Lorch ,  Bryan Jeffrey Parno

IPC分类号： G06F11/00

CPC分类号： G06F21/53

摘要： The subject disclosure relates to systems and methods that secure anti-virus software through virtualization. Anti-virus systems can be maintained separate from user applications and operating system through virtualization. The user applications and operating system run in a guest virtual machine while anti-virus systems are isolated in a secure virtual machine. The virtual machines are partially interdependent such that the anti-virus systems can monitor user applications and operating systems while the anti-virus systems remain free from possible malicious attack originating from a user environment. Further, the anti-virus system is secured against zero-day attacks so that detection and recovery may occur post zero-day.

摘要翻译： 本发明涉及通过虚拟化来保护防病毒软件的系统和方法。 防病毒系统可以通过虚拟化与用户应用程序和操作系统分开维护。 用户应用程序和操作系统在客户虚拟机中运行，而防病毒系统在安全虚拟机中被隔离。 这些虚拟机是部分相互依赖的，因此防病毒系统可以监控用户应用程序和操作系统，同时防病毒系统保持免受来自用户环境的可能的恶意攻击。 此外，防病毒系统可以抵御零日攻击，从而可以在零日后发生检测和恢复。

公开(公告)号：US08266714B2

公开(公告)日：2012-09-11

申请号：US12550263

申请日：2009-08-28

申请人： Jiahe Helen Wang ,  Alexander Moshchuk

发明人： Jiahe Helen Wang ,  Alexander Moshchuk

IPC分类号： H04L29/06

CPC分类号： H04L63/1441 ,  G06F21/82 ,  H04L67/02

摘要： A principal operating system based-browser controls access to resources. The resources are represented semantically in a resource object model. A browser kernel of the browser mediates resources access calls from principals. In some implementations the principals are web entities and the resources are peripheral devices. The resource object model separates device semantics from physical device access. Resource access control policies are maintained by the browser kernel and separated from device access mechanisms.

摘要翻译： 基于主要操作系统的浏览器控制对资源的访问。 资源在资源对象模型中以语义表示。 浏览器的浏览器内核会调用来自主体的资源访问调用。 在一些实现中，主体是web实体，资源是外围设备。 资源对象模型将设备语义与物理设备访问分开。 资源访问控制策略由浏览器内核维护，并与设备访问机制分离。

公开(公告)号：US08156559B2

公开(公告)日：2012-04-10

申请号：US11565426

申请日：2006-11-30

申请人： Shuo Chen ,  Jose Meseguer ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

发明人： Shuo Chen ,  Jose Meseguer ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

IPC分类号： H04L29/06

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

公开(公告)号：US20110055395A1

公开(公告)日：2011-03-03

申请号：US12550293

申请日：2009-08-28

申请人： Jiahe Helen Wang ,  Alexander Moshchuk

发明人： Jiahe Helen Wang ,  Alexander Moshchuk

IPC分类号： G06F15/173

CPC分类号： H04L47/783 ,  G06F9/50

摘要： Techniques for providing resource sharing in a multi-principal browser are described. Resource sharing includes managing a resource for web entity by determining how to divide the resource to share among two or more web entities based at least in part on a Document Object Model (DOM)-recursive resource allocation policy or an application-specified resource allocation policy. A web entity includes a principal instance contending for the resource. The process identifies resource allocation mechanisms from each resource type based at least in part on the DOM-recursive sharing policy or the application-specified resource allocation policy along with the resource type.

摘要翻译： 描述了在多主浏览器中提供资源共享的技术。 资源共享包括通过至少部分地基于文档对象模型（DOM） - 资源分配策略或应用指定的资源分配策略来确定如何划分资源以在两个或更多个web实体之间共享资源来管理web实体的资源 。 网络实体包括竞争资源的主体实例。 该过程至少部分地基于DOM递归共享策略或应用指定的资源分配策略以及资源类型来识别来自每种资源类型的资源分配机制。

公开(公告)号：US07890807B2

公开(公告)日：2011-02-15

申请号：US11762634

申请日：2007-06-13

申请人： Chad E. Verbowski ,  Jiahe Helen Wang ,  John C. Platt ,  Ruyun Zhang ,  Yu Chen

发明人： Chad E. Verbowski ,  Jiahe Helen Wang ,  John C. Platt ,  Ruyun Zhang ,  Yu Chen

IPC分类号： G06F11/00 ,  G06F11/36

CPC分类号： H04L41/0869 ,  G06F11/0748 ,  G06F11/079 ,  H04L41/0853 ,  H04L41/16

摘要： A method and system for identifying a configuration parameter of a “sick” computer system that is at fault for causing an undesired behavior based on analysis of configuration parameters from other computer systems is provided. In one embodiment, a troubleshooting system collects “suspect” values for “suspect” configuration parameters used by a “sick” application when the undesired behavior was exhibited by the sick computer system. The troubleshooting system then compares the suspect values to sample values of the suspect configuration parameters retrieved from sample computer systems. The troubleshooting system uses that comparison to identify one or more suspect configuration parameters that are likely at fault for causing the application to exhibit the undesired behavior.

摘要翻译： 提供了一种用于识别“病”计算机系统的配置参数的方法和系统，所述“病”计算机系统基于来自其他计算机系统的配置参数的分析而导致不期望的行为存在故障。 在一个实施例中，故障排除系统在病态计算机系统显示出不期望的行为时收集由“病”应用使用的“可疑”配置参数的“可疑”值。 然后，故障排除系统将可疑值与从示例计算机系统检索到的可疑配置参数的采样值进行比较。 故障排除系统使用该比较来识别可能出现故障的一个或多个可疑配置参数，导致应用程序显示不期望的行为。

公开(公告)号：US20090254891A1

公开(公告)日：2009-10-08

申请号：US12098496

申请日：2008-04-07

申请人： Weidong Cui ,  Marcus Peinado ,  Karl Chen ,  Jiahe Helen Wang ,  Luis Irun-Briz

发明人： Weidong Cui ,  Marcus Peinado ,  Karl Chen ,  Jiahe Helen Wang ,  Luis Irun-Briz

IPC分类号： G06F9/45

CPC分类号： G06F8/53

摘要： Systems and methods for automatically reverse engineering an input data format using dynamic data flow analysis. Combining input data with a simulated execution of the binary program using the input data and analyzing the use of the data by the program to generate a BNL-like grammar representing the input data format. The input data can be application level protocols, network protocols or formatted files.

摘要翻译： 使用动态数据流分析自动逆向工程输入数据格式的系统和方法。 将输入数据与使用输入数据的二进制程序的模拟执行相结合，并通过程序分析数据的使用，以生成表示输入数据格式的类BNL语法。 输入数据可以是应用级协议，网络协议或格式化文件。

公开(公告)号：US07584382B2

公开(公告)日：2009-09-01

申请号：US10918786

申请日：2004-08-13

申请人： Chad E. Verbowski ,  Jiahe Helen Wang ,  John C. Platt ,  Ruyun Zhang ,  Yu Chen

发明人： Chad E. Verbowski ,  Jiahe Helen Wang ,  John C. Platt ,  Ruyun Zhang ,  Yu Chen

IPC分类号： G06F11/00 ,  G06F11/20

CPC分类号： H04L41/0869 ,  G06F11/0748 ,  G06F11/079 ,  H04L41/0853 ,  H04L41/16

摘要： A method and system for identifying a configuration parameter of a “sick” computer system that is at fault for causing an undesired behavior based on analysis of configuration parameters from other computer systems is provided. In one embodiment, a troubleshooting system collects “suspect” values for “suspect” configuration parameters used by a “sick” application when the undesired behavior was exhibited by the sick computer system. The troubleshooting system then compares the suspect values to sample values of the suspect configuration parameters retrieved from sample computer systems. The troubleshooting system uses that comparison to identify one or more suspect configuration parameters that are likely at fault for causing the application to exhibit the undesired behavior.

摘要翻译： 提供了一种用于识别“病”计算机系统的配置参数的方法和系统，所述“病”计算机系统基于来自其他计算机系统的配置参数的分析而导致不期望的行为存在故障。 在一个实施例中，故障排除系统在病态计算机系统显示出不期望的行为时收集由“病”应用使用的“可疑”配置参数的“可疑”值。 然后，故障排除系统将可疑值与从示例计算机系统检索到的可疑配置参数的采样值进行比较。 故障排除系统使用该比较来识别可能出现故障的一个或多个可疑配置参数，导致应用程序显示不期望的行为。

公开(公告)号：US20090083714A1

公开(公告)日：2009-03-26

申请号：US11862075

申请日：2007-09-26

申请人： Emre Mehmet Kiciman ,  Benjamin Livshits ,  Jiahe Helen Wang

发明人： Emre Mehmet Kiciman ,  Benjamin Livshits ,  Jiahe Helen Wang

IPC分类号： G06F9/44

CPC分类号： G06F8/658

摘要： Computer-executable instructions comprising some or all of a program can be delivered to a client for execution on a real-time basis such that the client receives anew the computer-executable instructions for each new execution of the program. Such an environment enables instrumentation instructions to be inserted into the computer-executable instructions after a request and prior to the delivery of the computer-executable instructions. The inserted instrumentation instructions can be spread across multiple deliveries of the same computer-executable instructions, and they can be modified to account for information received from previously inserted instrumentation instructions. The instrumentation instructions can be inserted as part of the server process, the client process, or as part of a proxy server that can be used at the discretion of the program developer.

公开(公告)号：US07392295B2

公开(公告)日：2008-06-24

申请号：US10918086

申请日：2004-08-13

申请人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

发明人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

IPC分类号： G06F15/16

CPC分类号： H04L41/0853

摘要： A method and system for retrieving data from devices in a way that seeks to preserve privacy and ensure the integrity of the retrieved data is provided. A retrieval system is implemented on a network of devices that communicate with each other via a secure communications link. Each device is directly connected to one or more “friend” devices that it trusts. The retrieval system operates by forwarding a request for data from one friend device to another friend device. Each friend device may optionally add data to the request until all the requested data is added. The request with the retrieved data is returned to the device that initiated the request.

摘要翻译： 提供了以寻求保护隐私并确保检索的数据的完整性的方式从设备检索数据的方法和系统。 在通过安全通信链路彼此通信的设备网络上实现检索系统。 每个设备直接连接到它信任的一个或多个“朋友”设备。 检索系统通过将数据的请求从一个朋友设备转发到另一个朋友设备来操作。 每个朋友设备可以选择性地向请求中添加数据，直到添加所有请求的数据。 具有检索到的数据的请求将返回给发起请求的设备。