Systems and methods for dynamic cloud-based malware behavior analysis
    1.
    Granted invention patent
    Systems and methods for dynamic cloud-based malware behavior analysis (in force)

    Publication No.: US09152789B2

    Publication date: 2015-10-06

    Application No.: US14225557

    Filing date: 2014-03-26

    IPC classification: G06F21/56 H04L29/06

    Abstract: A cloud-based method, a behavioral analysis system, and a cloud-based security system can include a plurality of nodes communicatively coupled to one or more users, wherein the plurality of nodes each perform inline monitoring for one of the one or more users for security comprising malware detection and preclusion; and a behavioral analysis system communicatively coupled to the plurality of nodes, wherein the behavioral analysis system performs offline analysis for any suspicious content from the one or more users which is flagged by the plurality of nodes; wherein the plurality of nodes each comprise a set of known malware signatures for the inline monitoring that is periodically updated by the behavioral analysis system based on the offline analysis for the suspicious content.


    Web security via response injection
    2.
    Granted invention patent
    Web security via response injection (in force)

    Publication No.: US08413239B2

    Publication date: 2013-04-02

    Application No.: US12390486

    Filing date: 2009-02-22

    IPC classification: H04L29/06

    Abstract: System and methods for injecting content into a response for improving client-side security. The system includes a content injection service external to network edges of at least one system. The content injection service receives a request from a client within the at least one system and identifies or anticipates a potential threat associated with the response. The content injection service is configured to determine an appropriate counter for the identified or anticipated potential threat and in response injects content into the response according to the potential or anticipated threat identified.


    SYSTEMS AND METHODS FOR DYNAMIC CLOUD-BASED MALWARE BEHAVIOR ANALYSIS
    4.
    Invention patent application
    SYSTEMS AND METHODS FOR DYNAMIC CLOUD-BASED MALWARE BEHAVIOR ANALYSIS (in force)

    Publication No.: US20140208426A1

    Publication date: 2014-07-24

    Application No.: US14225557

    Filing date: 2014-03-26

    IPC classification: H04L29/06

    Abstract: A cloud-based method, a behavioral analysis system, and a cloud-based security system can include a plurality of nodes communicatively coupled to one or more users, wherein the plurality of nodes each perform inline monitoring for one of the one or more users for security comprising malware detection and preclusion; and a behavioral analysis system communicatively coupled to the plurality of nodes, wherein the behavioral analysis system performs offline analysis for any suspicious content from the one or more users which is flagged by the plurality of nodes; wherein the plurality of nodes each comprise a set of known malware signatures for the inline monitoring that is periodically updated by the behavioral analysis system based on the offline analysis for the suspicious content.


    SYSTEMS AND METHODS FOR MOBILE APPLICATION SECURITY CLASSIFICATION AND ENFORCEMENT
    5.
    Invention patent application
    SYSTEMS AND METHODS FOR MOBILE APPLICATION SECURITY CLASSIFICATION AND ENFORCEMENT (in force)

    Publication No.: US20110167474A1

    Publication date: 2011-07-07

    Application No.: US13051519

    Filing date: 2011-03-18

    IPC classification: G06F12/14 G06F17/00

    Abstract: The present disclosure provides systems and methods for mobile application security classification and enforcement. In particular, the present invention includes a method, a mobile device, and a distributed security system (e.g., a “cloud”) that is utilized to enforce security on mobile devices communicatively coupled to external networks (i.e., the Internet). Advantageously, the present invention is platform independent allowing it to operate with any current or emerging mobile device. Specifically, preventing malicious applications from running on an end user's mobile device is challenging with potentially millions of applications and billions of user devices; the only effective way to enforce application security is through the network that applications use to communicate.


    Systems and methods for mobile application security classification and enforcement
    6.
    Granted invention patent
    Systems and methods for mobile application security classification and enforcement (in force)

    Publication No.: US08763071B2

    Publication date: 2014-06-24

    Application No.: US13051519

    Filing date: 2011-03-18

    IPC classification: H04L29/06

    Abstract: The present disclosure provides systems and methods for mobile application security classification and enforcement. In particular, the present invention includes a method, a mobile device, and a distributed security system (e.g., a “cloud”) that is utilized to enforce security on mobile devices communicatively coupled to external networks (i.e., the Internet). Advantageously, the present invention is platform independent allowing it to operate with any current or emerging mobile device. Specifically, preventing malicious applications from running on an end user's mobile device is challenging with potentially millions of applications and billions of user devices; the only effective way to enforce application security is through the network that applications use to communicate.


    WEB SECURITY VIA RESPONSE INJECTION
    7.
    Invention patent application
    WEB SECURITY VIA RESPONSE INJECTION (in force)

    Publication No.: US20100218253A1

    Publication date: 2010-08-26

    Application No.: US12390486

    Filing date: 2009-02-22

    IPC classification: G06F21/00

    Abstract: System and methods for injecting content into a response for improving client-side security. The system includes a content injection service external to network edges of at least one system. The content injection service receives a request from a client within the at least one system and identifies or anticipates a potential threat associated with the response. The content injection service is configured to determine an appropriate counter for the identified or anticipated potential threat and in response injects content into the response according to the potential or anticipated threat identified.
