Abstract:
System and method for generating modifiable representations of system hardware and software configurations and for transferring a system to another system using the configuration representations. A configuration representation may include a backup of a system's files. A configuration representation may be modified, and may be used to restore the system to hardware that may be different than the original system's hardware. In one embodiment, a configuration transfer mechanism is provided to perform the transfer of a configuration representation from a source system to a target system. One embodiment of a configuration transfer mechanism may use one or more servers coupled to the source and target systems via a network. Another embodiment of a configuration transfer mechanism may be used to restore a source system's configuration and files from a source system directly to a target system coupled to the source system without using servers.
Abstract:
A computer-implemented method for detecting fraudulent software applications that generate misleading notifications is disclosed. In one example, such a method may comprise: 1) detecting a notification generated by an application installed on the computing device, 2) accessing criteria for determining, based at least in part on characteristics of the notification, whether the application is trustworthy, 3) determining, by applying the criteria, that the application is untrustworthy, and then 4) performing a security operation on the application. Corresponding systems and computer-readable media are also disclosed.
Abstract:
A computer-implemented method for automatically detecting and preventing phishing attacks may include (1) maintaining a credentials store for a user of the computing device that identifies both at least one known-legitimate website and credentials associated with the known-legitimate website, (2) detecting an attempt by the user to enter the same credentials that are associated with the known-legitimate website into a new website that is not associated with the credentials in the credentials store, and then, prior to allowing the credentials to pass to the new website, (3) automatically warning the user that the new website potentially represents an attempt to phish the credentials associated with the known-legitimate website from the user. Various other methods, systems, and computer-readable media are also disclosed.
Abstract:
Systems and methods for improving the effectiveness of decision trees are disclosed. In one example, an exemplary method for performing such a task may include: 1) receiving, from at least one computing device, a) a sample, b) a classification assigned to the sample by a decision tree employed by the computing device, and c) identification information for a branch configuration that resulted in the classification, 2) determining that the decision tree incorrectly classified the sample, and then 3) excluding the offending branch configuration from future decision trees. An exemplary method for dynamically adjusting the confidence of decision-tree classifications based on community-supplied data, along with corresponding systems and computer-readable media, are also described.
Abstract:
A computer-implemented method for using reputation information to evaluate the trustworthiness of files obtained via torrent transactions may include (1) identifying a torrent file that includes metadata for facilitating a torrent transaction for obtaining a target file via a peer-to-peer file-sharing protocol, (2) identifying at least one entity involved in the torrent transaction, (3) obtaining reputation information associated with the entity involved in the torrent transaction, wherein the reputation information identifies a community's opinion on the trustworthiness of the entity, (4) determining, based at least in part on the reputation information associated with the entity involved in the torrent transaction, that the target file represents a potential security risk, and then (5) performing a security action on the target file. Various other methods, systems, and computer-readable media are also disclosed.
Abstract:
A computer-implemented method for user-directed malware remediation may include 1) identifying a window within a graphical user interface of a computing environment, 2) identifying a user-directed interface event directed at the window, 3) determining, based at least in part on the user-directed interface event, that a process represented by the window poses a security risk, and 4) performing a remediation action on the process based on determining that the process poses the security risk. Various other methods, systems, and computer-readable media are also disclosed.
Abstract:
Computer-implemented methods and systems for using tiered signing certificates to manage the behavior of executables are disclosed. In one example, a method for performing such a task may include: 1) identifying an executable file, 2) identifying a signing certificate associated with the executable file, 3) identifying, within the signing certificate, a privilege level associated with the executable file, and then 4) managing behavior of the executable file in accordance with the privilege level associated with the executable file. Corresponding methods and systems for generating tiered signing certificates for executable files are also disclosed.
Abstract:
An endpoint on a network uses detection data to detect a malicious software attack. The endpoint identifies content associated with the attack, such as a component of a web page, and generates a description of the content. The endpoint sends the description to a security server. The security server analyzes the content and identifies characteristics of the content that are present when the content is carried by network traffic. The security server generates a traffic signature that specifies the identified characteristics and provides the traffic signature to inspection points. The inspection points, in turn, use the traffic signature to examine network traffic passing through the inspection points to detect network traffic carrying the content. The attack detection at the endpoint thus informs the traffic signature-based detection at the inspection points and reduces the spread of malicious software.
Abstract:
A computer-implemented method for locating malware may include identifying a malicious behavior in a computing system. The computer-implemented method may also include determining that the malicious behavior arises from a set of interrelated executable objects. The computer-implemented method may further include identifying an executable object recently added to the set of interrelated executable objects. The computer-implemented method may additionally include attributing the malicious behavior to the recently added executable object based on when the recently added executable object was added to the set of interrelated executable objects. The computer-implemented method may also include performing a security action on the recently added executable object. Various other methods, systems, and computer-readable media are also disclosed.
Abstract:
A computer-implemented method may include establishing, within a parental-control software system, an academic-performance policy that defines how academic performance of a student affects at least one parental-control setting enforced on a computing system accessible to the student. The computer-implemented method may also include receiving, via an electronic communication from a school of the student, grade information that indicates the student's academic performance. The computer-implemented method may further include applying the academic-performance policy by updating the parental-control setting commensurate with the student's academic performance. In addition, the computer-implemented method may include detecting an attempt by the student to access a resource of the computing system and applying the updated parental-control setting to control the student's access to the resource of the computing system.