-
Publication No.: US08185930B2
Publication date: 2012-05-22
Application No.: US11935756
Application date: 2007-11-06
IPC classification: G06F17/00
CPC classification: H04L63/1425, H04L63/20
Abstract: Methods and systems for adjusting control settings associated with filtering or classifying communications to a computer or a network. The adjustment of the control settings can include adjustment of policy and/or security settings associated with the computer or network. Ranges associated with the control settings can also be provided in some implementations.
-
Publication No.: US20110296519A1
Publication date: 2011-12-01
Application No.: US13108493
Application date: 2011-05-16
Applicant: Curtis Ide, Sven Krasser, Dmitri Alperovitch
Inventor: Curtis Ide, Sven Krasser, Dmitri Alperovitch
IPC classification: G06F21/20
CPC classification: G06F21/30, G06F21/55, H04L63/0218, H04L63/0263, H04L63/1441
Abstract: Methods and systems for operation upon one or more data processors for reputation based firewall processing of communications. The reputation based firewall processing includes receiving a communication identifying an entity, retrieving the reputation of the entity identified by the communication, and handling the communication based upon the retrieved reputation.
-
Publication No.: US09106680B2
Publication date: 2015-08-11
Application No.: US13170163
Application date: 2011-06-27
CPC classification: H04L63/1408, H04L63/0227, H04L63/0236, H04L63/0245, H04L63/14, H04L63/1416
Abstract: A method is provided in one example embodiment that includes generating a fingerprint based on properties extracted from data packets received over a network connection and requesting a reputation value based on the fingerprint. A policy action may be taken on the network connection if the reputation value received indicates the fingerprint is associated with malicious activity. The method may additionally include displaying information about protocols based on protocol fingerprints, and more particularly, based on fingerprints of unrecognized protocols. In yet other embodiments, the reputation value may also be based on network addresses associated with the network connection.
-
Publication No.: US08775619B2
Publication date: 2014-07-08
Application No.: US12987730
Application date: 2011-01-10
IPC classification: G06F15/173
CPC classification: H04L67/02, H04L51/12, H04L63/02, H04L63/08, H04L63/145, H04L67/2823, H04L69/04
Abstract: A distributed proxy server system is operable to receive a request for Internet data from a user, obtain the user's identity, store at least one cookie on the user's web browser identifying the user, and filter undesired content before forwarding requested Internet data to the user. A master cookie is associated with the proxy server including user identity information, and an injected domain cookie is associated with the domain of the requested Internet data including user identity information.
-
Publication No.: US08621559B2
Publication date: 2013-12-31
Application No.: US13460878
Application date: 2012-05-01
IPC classification: G06F17/00
CPC classification: H04L63/1425, H04L63/20
Abstract: Methods and systems for managing data communications are described. The method includes receiving a data communication; analyzing the data communication to determine a particular type of sender or recipient activity associated with the data communication based at least in part on an application of a plurality of tests to the data communication; assigning a total risk level to the data communication based at least in part on one or more risks associated with the particular type of sender or recipient activity and a tolerance for each of the one or more risks; comparing the total risk level assigned to the data communication with a maximum total acceptable level of risk; and allowing the data communication to be delivered to a recipient in response to the comparison indicating that the total risk level assigned to the data communication does not exceed the maximum total acceptable level of risk.
-
Publication No.: US20060015942A1
Publication date: 2006-01-19
Application No.: US11142943
Application date: 2005-06-02
Applicant: Paul Judge, Dmitri Alperovitch, Matt Moyer
Inventor: Paul Judge, Dmitri Alperovitch, Matt Moyer
IPC classification: G06F11/00, G06F11/30, G06F11/22, G06F12/14, H04L9/32, G06F11/32, G06F11/34, G06F11/36, G06F12/16, G06F15/18, G08B23/00
CPC classification: H04L51/12, G06F11/008
Abstract: Methods and systems for operation upon one or more data processors for assigning a reputation to a messaging entity. A method can include receiving data that identifies one or more characteristics related to a messaging entity's communication. A reputation score is determined based upon the received identification data. The determined reputation score is indicative of reputation of the messaging entity. The determined reputation score is used in deciding what action is to be taken with respect to a communication associated with the messaging entity.
-
Publication No.: US20060015563A1
Publication date: 2006-01-19
Application No.: US11173941
Application date: 2005-07-01
Applicant: Paul Judge, Guru Rajan, Dmitri Alperovitch, Matt Moyer
Inventor: Paul Judge, Guru Rajan, Dmitri Alperovitch, Matt Moyer
IPC classification: G06F17/30
CPC classification: G06Q10/107, H04L51/12
Abstract: Methods and systems for operation upon one or more data processors that classify communications from messaging entities. A method can include receiving a communication that was sent from a messaging entity. A plurality of message classification techniques is used to classify the communication. Each message classification technique is associated with a confidence value which is used in generating a message classification output from the message classification technique. The message classification outputs are combined in order to generate a message profile score. The message profile score is used in deciding what action is to be taken with respect to the communication associated with the messaging entity.
-
Publication No.: US08621638B2
Publication date: 2013-12-31
Application No.: US13108529
Application date: 2011-05-16
Applicant: Paul Judge, Matt Moyer, Guru Rajan, Dmitri Alperovitch
Inventor: Paul Judge, Matt Moyer, Guru Rajan, Dmitri Alperovitch
IPC classification: G06F21/00
CPC classification: H04L51/12
Abstract: Methods and systems for operation upon one or more data processors for biasing a reputation score. A communication having data that identifies a plurality of biasing characteristics related to a messaging entity associated with the communication is received. The identified plurality of biasing characteristics related to the messaging entity associated with the communication based upon a plurality of criteria are analyzed, and a reputation score associated with the messaging entity is biased based upon the analysis of the identified plurality of biasing characteristics related to the messaging entity associated with the communication.
-
Publication No.: US20120110672A1
Publication date: 2012-05-03
Application No.: US13108529
Application date: 2011-05-16
Applicant: Paul Judge, Matt Moyer, Guru Rajan, Dmitri Alperovitch
Inventor: Paul Judge, Matt Moyer, Guru Rajan, Dmitri Alperovitch
CPC classification: H04L51/12
Abstract: Methods and systems for operation upon one or more data processors for biasing a reputation score. A communication having data that identifies a plurality of biasing characteristics related to a messaging entity associated with the communication is received. The identified plurality of biasing characteristics related to the messaging entity associated with the communication based upon a plurality of criteria are analyzed, and a reputation score associated with the messaging entity is biased based upon the analysis of the identified plurality of biasing characteristics related to the messaging entity associated with the communication.
-
Publication No.: US09043903B2
Publication date: 2015-05-26
Application No.: US13492672
Application date: 2012-06-08
CPC classification: G06F21/566, G06F9/46, G06F21/554, G06F21/56, G06F21/567, G06F21/568, G06F2221/034, G06N5/04, H04L41/0803, H04L63/0245, H04L63/1441
Abstract: A kernel-level security agent is described herein. The kernel-level security agent is configured to observe events, filter the observed events using configurable filters, route the filtered events to one or more event consumers, and utilize the one or more event consumers to take action based at least on one of the filtered events. In some implementations, the kernel-level security agent detects a first action associated with malicious code, gathers data about the malicious code, and in response to detecting subsequent action(s) of the malicious code, performs a preventative action. The kernel-level security agent may also deceive an adversary associated with malicious code. Further, the kernel-level security agent may utilize a model representing chains of execution activities and may take action based on those chains of execution activities.
-