公开(公告)号：US20120117647A1

公开(公告)日：2012-05-10

申请号：US12961605

申请日：2010-12-07

申请人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

发明人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

IPC分类号： G06F11/00

CPC分类号： G06F21/568

摘要： A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.

摘要翻译： 计算机蠕虫固化系统包括串接收模块，字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机（由计算机蠕虫感染）接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode，并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码，并用固化代码替换感染字符串中的shellcode以生成固化串，使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机，使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码，以治愈受感染的计算机蠕虫主机。

公开(公告)号：US08832838B2

公开(公告)日：2014-09-09

申请号：US12961605

申请日：2010-12-07

申请人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

发明人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

IPC分类号： H04L21/00 ,  G06F21/56

CPC分类号： G06F21/568

摘要： A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.

摘要翻译： 计算机蠕虫固化系统包括串接收模块，字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机（由计算机蠕虫感染）接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode，并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码，并用固化代码替换感染字符串中的shellcode以生成固化串，使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机，使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码，以治愈受感染的计算机蠕虫主机。

公开(公告)号：US20130145462A1

公开(公告)日：2013-06-06

申请号：US13323863

申请日：2011-12-13

申请人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

发明人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

IPC分类号： G06F21/00

CPC分类号： H04L67/02 ,  H04L51/12 ,  H04L51/32 ,  H04L63/1483

摘要： A phishing processing method includes: an information input web page comprising an information input interface, through which information is transmitted to an information receiving address, is received. Determine if the information input web page is a phishing web page. If it is determined that the information input web page is the phishing web page, fake input information is transmitted to the information receiving address. When information for verification is received from an information transmitting address, if the received information for verification is the fake input information is determined. If the received information for verification is the fake input information, it is determined that the information transmitting address is a malicious address.

摘要翻译： 网络钓鱼处理方法包括：接收信息输入网页，其包括信息输入接口，通过该信息输入接口向信息接收地址发送信息。 确定信息输入网页是否是网络钓鱼网页。 如果确定信息输入网页是网络钓鱼网页，则将假输入信息发送到信息接收地址。 当从信息发送地址接收到用于验证的信息时，如果所接收的用于验证的信息是假输入信息被确定。 如果接收到的用于验证的信息是假输入信息，则确定信息发送地址是恶意地址。

公开(公告)号：US08516581B2

公开(公告)日：2013-08-20

申请号：US13323863

申请日：2011-12-13

申请人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

发明人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

IPC分类号： G06F11/00 ,  G06F11/30 ,  H04L29/06

CPC分类号： H04L67/02 ,  H04L51/12 ,  H04L51/32 ,  H04L63/1483

摘要： A phishing processing method includes: an information input web page comprising an information input interface, through which information is transmitted to an information receiving address, is received. Determine if the information input web page is a phishing web page. If it is determined that the information input web page is the phishing web page, fake input information is transmitted to the information receiving address. When information for verification is received from an information transmitting address, if the received information for verification is the fake input information is determined. If the received information for verification is the fake input information, it is determined that the information transmitting address is a malicious address.

摘要翻译： 网络钓鱼处理方法包括：接收信息输入网页，其包括信息输入接口，通过该信息输入接口向信息接收地址发送信息。 确定信息输入网页是否是网络钓鱼网页。 如果确定信息输入网页是网络钓鱼网页，则将假输入信息发送到信息接收地址。 当从信息发送地址接收到用于验证的信息时，如果所接收的用于验证的信息是假输入信息被确定。 如果接收到的用于验证的信息是假输入信息，则确定信息发送地址是恶意地址。

公开(公告)号：US20210044570A1

公开(公告)日：2021-02-11

申请号：US16984172

申请日：2020-08-04

申请人： Fu-Hau HSU

发明人： Yim-Mei HSU LIU ,  Chia-Hao LEE ,  Chia-Jung WU

IPC分类号： H04L29/06 ,  H04L12/741 ,  H04L29/08 ,  H04L12/66

摘要： A packet transmission method is disclosed herein. The packet transmission method includes the following operations: transmitting a first packet to a first proxy server terminal by a first user terminal; changing a header of received first packet to generate a first header, and transmitting the first packet with the first header to a gateway terminal by the first proxy server terminal; changing the header of received first packet to generate a second header, and transmitting the first packet with the second header to a server terminal by the gateway terminal, wherein the header of the first packet includes a source address field and a destination address field.