Abstract:
An exemplary method includes providing a typographically erroneous domain name, tracing the domain name where tracing includes entering the domain name as part of a URL and recording one or more subsequent URLs, identifying a domain parking service for the domain name based at least in part on information in one of the recorded URLs, determining client identification information in at least one of the recorded URLs where the client identification information identifies a customer of the domain parking service and blocking one or more domain names based at least in part on the client identification information. Other exemplary technologies are also disclosed.
Abstract:
A method and system for retrieving data from devices in a way that seeks to preserve privacy and ensure the integrity of the retrieved data is provided. A retrieval system is implemented on a network of devices that communicate with each other via a secure communications link. Each device is directly connected to one or more “friend” devices that it trusts. The retrieval system operates by forwarding a request for data from one friend device to another friend device. Each friend device may optionally add data to the request until all the requested data is added. The request with the retrieved data is returned to the device that initiated the request.
Abstract:
In an embodiment of isolation environment-based information access, programs—including operating systems and applications—running on a computing-based device can be isolated in an environment such as a virtual machine. Information including commands and/or data transmitted between the computing-based device and the program(s) being run, as well as information associated with the program(s) and the computing-based device, is accessed without being detected by the program(s). In one implementation, the information includes state information as well as commands and/or data—including sensitive information, such as usernames and passwords. In another implementation, the information can be used to secretly access the program(s).
Abstract:
A method and system for determining whether resources of a computer system are being hidden is provided. The security system invokes a high-level function of user mode that is intercepted and filtered by the malware to identify resources. The security system also directly invokes a low-level function of kernel mode that is not intercepted and filtered by the malware to identify resources. After invoking the high-level function and the low-level function, the security system compares the identified resources. If the low-level function identified a resource that was not identified by the high-level function, then the security system may consider the resource to be hidden.
Abstract:
A technique for identifying dependencies of an application upon a given security context includes monitoring security checks generated by the application. The security checks requiring elevated rights are identified and the state of execution of the application corresponding to the identified security checks may be logged. The security checks requiring elevated rights may be identified by monitoring access checks, monitoring privilege checks, checking user/group identifiers against a list of known identifiers associated with elevated rights, or the like.
Abstract:
Embodiments of a RootKit detector are directed to identifying a RootKit on a computer that is designed to conceal malware. Aspects of the RootKit detector leverage services provided by kernel debugger facilities to automatically obtain data in specified data structures that are maintained by an operating system. Then the data obtained from the kernel debugger facilities is processed with an integrity checker that determines whether the data contains properties sufficient to declare that a RootKit is resident on the computer.
Abstract:
A method and system for analyzing the impact on software of an update to a software system is provided. The impact analysis system identifies resources that are affected by an update to the software system and identifies resources that are accessed by various software components during execution of the software components. To analyze the effects of an update, the impact analysis system identifies those accessed resources of the software components that are affected by the update as being impacted resources. The impact analysis system considers those software components that access the impacted resources to be impacted software components. The impact analysis system provides a user interface through which a user can view and analyze the impact of an update.
Abstract:
A method for improving the performance of a distributed object model over a network is disclosed. A client computer contains a client object which can call an interface on a server object located on a server computer. Rather than copying all of the call parameters into an RPC buffer for transmission across the network, a network interface card with scatter-gather capability can be used. The RPC data can contain only a list of pointers into the client memory and a size of each parameter. The network interface card can then grab the parameters directly from the client memory using the list in the RPC buffer without the need to copy the data itself. At the server side, the network interface card can place the parameters into an RPC buffer, or if the size is known beforehand, directly into the server memory. The server can also access the parameters directly from the RPC buffer. On the return, the server can use a callback function to indicate when its network interface card has finished sending the response data so that the server does not clear its memory prematurely. At the client side, if the size of the response is not known, and the data is placed into the RPC buffers, it can be copied from the RPC buffer into the client memory.
Abstract:
A software failure bypass system based on checkpointing, input logging, rollback and input sequence reordering is disclosed. The software fault bypass system minimizes the number of involved processes as well as the total rollback distance. The software fault bypass system includes a progressive retry recovery algorithm which gradually increases the scope of the recovery when a previous retry step fails to bypass the detected fault and a reorder recovery algorithm which will attempt to bypass the detected fault by reordering and reprocessing the inputs that have been received by the faulty application process. The fault tolerant system includes a mechanism which utilizes information about the particular application process or the cause of the detected fault to determine if the recovery of a particular application process should proceed directly to the reorder recovery algorithm. In one embodiment, if the faulty process exhibits nondeterministic behavior, the overall progressive retry recovery algorithm should be utilized to recover the faulty process. If the faulty process does not exhibit nondeterministic behavior, however, the reorder recovery algorithm should be utilized to recover the faulty process.