公开(公告)号：US08661541B2

公开(公告)日：2014-02-25

申请号：US12983849

申请日：2011-01-03

申请人： Douglas Reed Beck ,  Yi-Min Wang

发明人： Douglas Reed Beck ,  Yi-Min Wang

IPC分类号： G06F21/00

CPC分类号： H04L63/145 ,  G06F21/554 ,  G06F21/566 ,  G06F2221/2105

摘要： A method and system for determining whether resources of a computer system are being hidden is provided. The security system invokes a high-level function of user mode that is intercepted and filtered by the malware to identify resources. The security system also directly invokes a low-level function of kernel mode that is not intercepted and filtered by the malware to identify resources. After invoking the high-level function and the low-level function, the security system compares the identified resources. If the low-level function identified a resource that was not identified by the high-level function, then the security system may consider the resource to be hidden.

摘要翻译： 提供了一种用于确定计算机系统的资源是否被隐藏的方法和系统。 安全系统调用被恶意软件拦截和过滤的用户模式的高级功能，以识别资源。 安全系统还直接调用内核模式的低级功能，不被恶意软件拦截和过滤，以识别资源。 调用高级功能和低级功能后，安全系统将比较所识别的资源。 如果低级功能识别出高级功能未识别的资源，则安全系统可以考虑资源被隐藏。

公开(公告)号：US08145622B2

公开(公告)日：2012-03-27

申请号：US12351013

申请日：2009-01-09

申请人： Xiaoxin Yin ,  Vijay Ravindran Nair ,  Ryan Frederick Stewart ,  Fang Liu ,  Junhua Wang ,  Tiffany Kumi Dohzen ,  Yi-Min Wang

发明人： Xiaoxin Yin ,  Vijay Ravindran Nair ,  Ryan Frederick Stewart ,  Fang Liu ,  Junhua Wang ,  Tiffany Kumi Dohzen ,  Yi-Min Wang

IPC分类号： G06F7/00

CPC分类号： G06F17/30864

摘要： Systems and methodologies for improved query classification and processing are provided herein. As described herein, a query prediction model can be constructed from a set of training data (e.g., diagnostic data obtained from an automatic diagnostic system and/or other suitable data) using a machine learning-based technique. Subsequently upon receiving a query, a set of features corresponding to the query, such as the length and/or frequency of the query, unigram probabilities of respective words and/or groups of words in the query, presence of pre-designated words or phrases in the query, or the like, can be generated. The generated features can then be analyzed in combination with the query prediction model to classify the query by predicting whether the query is aimed at a head Uniform Resource Locator (URL) or a tail URL. Based on this prediction, an appropriate index or combination of indexes can be assigned to answer the query.

摘要翻译： 本文提供了改进的查询分类和处理的系统和方法。 如本文所述，可以使用基于机器学习的技术从一组训练数据（例如，从自动诊断系统获得的诊断数据和/或其他合适的数据）来构建查询预测模型。 随后在接收到查询后，查询对应的一组特征，诸如查询的长度和/或频率，查询中各个单词和/或单词组的单位概率，预先指定的单词或短语的存在 在查询等中可以生成。 然后可以结合查询预测模型分析生成的特征，以通过预测查询是针对头统一资源定位符（URL）还是尾URL来对查询进行分类。 基于该预测，可以分配适当的索引或索引组合来回答查询。

公开(公告)号：US08125669B2

公开(公告)日：2012-02-28

申请号：US11772085

申请日：2007-06-29

申请人： Shuo Chen ,  Yi-Min Wang ,  Jiahe Helen Wang

发明人： Shuo Chen ,  Yi-Min Wang ,  Jiahe Helen Wang

IPC分类号： G06F15/00 ,  G06F11/00

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

摘要翻译： 为了实现端到端的安全性，如果图形用户界面（GUI）的完整性受到损害，则传统的机器对机器的安全措施是不够的。 GUI逻辑缺陷是由GUI实现中的逻辑缺陷引起的一类软件漏洞。 这里描述的发明是使用系统推理方法揭露这些缺陷的技术。 该技术的主要步骤包括：（1）将视觉不变量映射到程序不变; （2）对程序逻辑，用户动作和执行上下文进行正式建模，并系统地探索违反程序不变的可能性; （3）根据探索找到真正的欺骗攻击。

公开(公告)号：US20120030338A1

公开(公告)日：2012-02-02

申请号：US13267254

申请日：2011-10-06

申请人： Ming Zhang ,  Yi-Min Wang ,  Albert Greenberg ,  Zhichun Li

发明人： Ming Zhang ,  Yi-Min Wang ,  Albert Greenberg ,  Zhichun Li

IPC分类号： G06F15/173

CPC分类号： H04L67/02 ,  G06F11/3419 ,  G06F11/3447 ,  G06F11/3457 ,  G06F2201/875

摘要： Embodiments of automated cloud service performance prediction are disclosed. The automated cloud service performance prediction includes extracting a parental dependency graph (PDG) for a webpage. The PDG encapsulates one or more dependency relationships for each web object in the webpage. The prediction further includes determining an original page load time (PLT) and original timing information of a webpage. The prediction also includes simulating a page loading of the webpage based on adjusted timing information of each web object and the PDG to estimate a new PLT of the webpage. The prediction additionally includes comparing the original PLT of the webpage to the new PLT of the webpage to determine whether the adjusted timing information increased or decreased the new PLT of the webpage.

摘要翻译： 公开了自动云服务性能预测的实施例。 自动云服务性能预测包括提取网页的父母依赖图（PDG）。 PDG封装网页中每个Web对象的一个​​或多个依赖关系。 预测还包括确定网页的原始页面加载时间（PLT）和原始定时信息。 该预测还包括基于每个web对象和PDG的调整的定时信息来模拟网页的加载，以估计网页的新的PLT。 该预测还包括将网页的原始PLT与网页的新PLT进行比较，以确定调整的定时信息是增加还是减少网页的新PLT。

公开(公告)号：US20110264518A1

公开(公告)日：2011-10-27

申请号：US12764983

申请日：2010-04-22

申请人： Chao Liu ,  Yi-Min Wang

发明人： Chao Liu ,  Yi-Min Wang

IPC分类号： G06F15/18 ,  G06Q30/00 ,  G06F17/30

CPC分类号： G06Q30/02 ,  G06Q30/0251

摘要： A system is described herein that includes a preference deriver component that receives a predefined preference rule that indicates a hierarchy pertaining to entities belonging to a domain, wherein each of the entities has attributes and values for such attributes corresponding thereto, and wherein the preference deriver component outputs preferences between various subsets of entities based at least in part upon the preference rule. The system also includes a learning component that learns a computer-implemented ranker component that is configured to rank the entities belonging to the domain, wherein the learning component learns the computer-implemented ranker based at least in part upon the preferences between the various subsets of the entities output by the preference deriver component.

摘要翻译： 本文描述了一种系统，其包括偏好提取器组件，其接收指示属于域的实体的层次结构的预定义的优先级规则，其中每个实体具有与其对应的这些属性的属性和值，并且其中优选提升组件 至少部分地基于偏好规则来输出各个实体子集之间的偏好。 所述系统还包括学习组件，其学习被配置为对属于所述域的实体进行排名的计算机实现的游戏者组件，其中所述学习组件至少部分地基于所述域的各个子集之间的偏好来学习所述计算机实现的游戏者 由优选导出器组件输出的实体。

公开(公告)号：US07874001B2

公开(公告)日：2011-01-18

申请号：US11183225

申请日：2005-07-15

申请人： Douglas Reed Beck ,  Yi-Min Wang

发明人： Douglas Reed Beck ,  Yi-Min Wang

IPC分类号： G06F11/00

CPC分类号： H04L63/145 ,  G06F21/554 ,  G06F21/566 ,  G06F2221/2105

摘要： A method and system for determining whether resources of a computer system are being hidden is provided. The security system invokes a high-level function of user mode that is intercepted and filtered by the malware to identify resources. The security system also directly invokes a low-level function of kernel mode that is not intercepted and filtered by the malware to identify resources. After invoking the high-level function and the low-level function, the security system compares the identified resources. If the low-level function identified a resource that was not identified by the high-level function, then the security system may consider the resource to be hidden.

摘要翻译： 提供了一种用于确定计算机系统的资源是否被隐藏的方法和系统。 安全系统调用被恶意软件拦截和过滤的用户模式的高级功能，以识别资源。 安全系统还直接调用内核模式的低级功能，不被恶意软件拦截和过滤，以识别资源。 调用高级功能和低级功能后，安全系统将比较所识别的资源。 如果低级功能识别出高级功能未识别的资源，则安全系统可以考虑资源被隐藏。

公开(公告)号：US07779480B2

公开(公告)日：2010-08-17

申请号：US11214125

申请日：2005-08-29

申请人： Chad E Verbowski ,  John D. Dunagan ,  Shuo Chen ,  Yi-Min Wang

发明人： Chad E Verbowski ,  John D. Dunagan ,  Shuo Chen ,  Yi-Min Wang

IPC分类号： G06F21/00 ,  G06F17/30

CPC分类号： G06F21/6218 ,  G06F2221/2101

摘要： A technique for identifying dependencies of an application upon a given security context includes monitoring security checks generated by the application. The security checks requiring elevated rights are identified and the state of execution of the application corresponding to the identified security checks may be logged. The security checks requiring elevated rights may be identified by monitoring access checks, monitoring privilege checks, checking user/group identifiers against a list of known identifiers associated with elevated rights, or the like.

公开(公告)号：US07774459B2

公开(公告)日：2010-08-10

申请号：US11276483

申请日：2006-03-01

申请人： Yi-Min Wang ,  Douglas R Beck

发明人： Yi-Min Wang ,  Douglas R Beck

IPC分类号： G06F15/173

CPC分类号： H04L63/1433 ,  G06F17/30887 ,  G06F21/566 ,  G06F21/567 ,  G06F21/577 ,  G06F2221/034 ,  H04L63/1416 ,  H04L67/02 ,  H04L67/125 ,  H04L67/22

摘要： A network can be explored to investigate exploitive behavior. For example, network sites may be actively explored by a honey monkey system to detect if they are capable of accomplishing exploits, including browser-based exploits, on a machine. Also, the accomplishment of exploits may be detected by tracing events occurring on a machine after visiting a network site and analyzing the traced events for illicit behavior. Alternatively, site redirections between and among uniform resource locators (URLs) may be explored to discover relationships between sites that are visited.

摘要翻译： 可以探索一个网络来调查剥削行为。 例如，网络站点可以由蜂蜜猴系统积极探索，以检测它们是否能够在机器上完成包括基于浏览器的漏洞的利用。 此外，通过在访问网站后跟踪机器上发生的事件并分析违规行为的跟踪事件，可以检测到攻击的完成。 或者，可以探索统一资源定位符（URL）之间的站点重定向以发现被访问的站点之间的关系。

公开(公告)号：US20100121841A1

公开(公告)日：2010-05-13

申请号：US12270201

申请日：2008-11-13

申请人： Li-wei He ,  Wenzhao Tan ,  Jinliang Fan ,  Yi-Min Wang ,  Xiaoxin Yin

发明人： Li-wei He ,  Wenzhao Tan ,  Jinliang Fan ,  Yi-Min Wang ,  Xiaoxin Yin

IPC分类号： G06F7/10 ,  G06F17/30 ,  G06N5/02

CPC分类号： G06F17/30867

摘要： Search relevance failures are diagnosed automatically. Users presented with unsatisfactory search results can report their dissatisfaction through various mechanisms. Dissatisfaction reports can trigger automatic investigation into the root cause of such dissatisfaction. Based on the identified root cause, a search engine can be modified to resolve the issue creating dissatisfaction thereby improving search engine quality.

摘要翻译： 搜索相关性故障自动诊断。 用户不满意的搜索结果可以通过各种机制报告他们的不满。 不满意的报告可能引发自动调查，造成这种不满的根本原因。 基于确定的根本原因，可以修改搜索引擎来解决创建不满意的问题，从而提高搜索引擎的质量。

公开(公告)号：US20090187918A1

公开(公告)日：2009-07-23

申请号：US12016654

申请日：2008-01-18

申请人： Shuo Chen ,  David A. Ross ,  Yi-Min Wang

发明人： Shuo Chen ,  David A. Ross ,  Yi-Min Wang

IPC分类号： G06F9/44 ,  G06F13/14

CPC分类号： H04L63/0435 ,  G06F21/52

摘要： A method includes placing an accent in a frame, and only letting frames with the same accent communicate with each other. This accenting is removed using an accent key immediately prior to a compilation operation. The accenting can be performed by performing an XOR operation on a data stream using a key. In one exemplary non-limiting embodiment a computing system is provided. The computing system includes a memory, and a processor coupled to the memory, the processor configured to introduce domain specificity to at least one of a script and an HTML object name. In another exemplary non-limiting embodiment, means are provided for introducing domain specificity to at least one of a script and an HTML object name and means are provided for removing the introduced domain specificity prior to a compiling operation.

摘要翻译： 一种方法包括将重音放在帧中，并且只允许具有相同重音的帧相互通信。 在编译操作之前，使用重音键删除该重音。 可以通过使用密钥对数据流执行XOR操作来执行重音。 在一个示例性的非限制性实施例中，提供了一种计算系统。 计算系统包括存储器和耦合到存储器的处理器，该处理器被配置为将域特异性引入到脚本和HTML对象名称中的至少一个。 在另一示例性非限制性实施例中，提供了用于将域特异性引入到脚本和HTML对象名称中的至少一个的装置，并且提供了用于在编译操作之前去除引入的域特异性的装置。