-
1.发明授权Computer worm curing system and method and computer readable storage medium for storing computer worm curing method 有权计算机蠕虫固化系统及其计算机可读存储介质,用于存储计算机蠕虫固化方法公开(公告)号:US08832838B2
公开(公告)日:2014-09-09
申请号:US12961605
申请日:2010-12-07
Applicant: Shih-Jen Chen , Jain-Shing Wu , Fu-Hau Hsu , Chia-Jun Lin
Inventor: Shih-Jen Chen , Jain-Shing Wu , Fu-Hau Hsu , Chia-Jun Lin
CPC classification number: G06F21/568
Abstract: A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.
Abstract translation: 计算机蠕虫固化系统包括串接收模块,字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机(由计算机蠕虫感染)接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode,并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码,并用固化代码替换感染字符串中的shellcode以生成固化串,使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机,使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码,以治愈受感染的计算机蠕虫主机。
-
2.发明申请Computer Worm Curing System and Method and Computer Readable Storage Medium for Storing Computer Worm Curing Method 有权计算机蠕虫固化系统和计算机可读存储介质,用于存储计算机蠕虫固化方法公开(公告)号:US20120117647A1
公开(公告)日:2012-05-10
申请号:US12961605
申请日:2010-12-07
Applicant: Shih-Jen Chen , Jain-Shing Wu , Fu-Hau Hsu , Chia-Jun Lin
Inventor: Shih-Jen Chen , Jain-Shing Wu , Fu-Hau Hsu , Chia-Jun Lin
IPC: G06F11/00
CPC classification number: G06F21/568
Abstract: A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.
Abstract translation: 计算机蠕虫固化系统包括串接收模块,字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机(由计算机蠕虫感染)接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode,并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码,并用固化代码替换感染字符串中的shellcode以生成固化串,使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机,使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码,以治愈受感染的计算机蠕虫主机。
-
Search Results
2
records
(took 0.01 seconds)
