Abstract:
A start offset and an end offset can be identified within unfiltered content that is to be filtered. This unfiltered content can include HTML content. A corresponding start offset and an end offset of the unfiltered content can be matched against a set of content objects contained in a content cache. Each of the content objects can be associated with rule metadata. At least one filter rule can be extracted from metadata of a matching cache object. A programmatic action can be performed based upon the extracted filter rule. Computer readable output can result from the programmatic action. The output can include content that has been filtered in accordance with the extracted filter rule.
Abstract:
An executable content message stream filter applies a plurality of executable content filters to a stream of parsed elements of a network message. Each of the plurality of executable content filters targets executable content and is instantiated based on a set of one or more rule sets selected based, at least in part, on a type of the network message. For each of the plurality of executable content filters, it is determined if one or more of the stream of parsed elements includes executable content targeted by the executable content filter. The executable content message stream filter modifies those of the stream of parsed elements that include the executable content targeted by the plurality of executable content filters to disable the executable content.
Abstract:
A method, apparatus, and machine-readable medium to implement executable content filtering is disclosed. According to one example embodiment, a method is provided which comprises analyzing a stream of one or more parsed elements of a network message with a set of one or more executable content filters, wherein the stream of one or more elements is streamed from a network message parser. The described method embodiment further comprises modifying the stream of one or more parsed elements to disable executable content in the network message based, at least in part, on a set of one or more rule sets being applied with the set of one or more executable content filters to the stream of parsed elements.
Abstract:
Malicious executable content in network messages (e.g., request and response hypertext transfer protocol messages) can circumvent some security measures. In addition, conventional security measures aimed at capturing malicious executable content noticeably impact system performance. Stream based filtering of network messages allows for efficient processing to remove malicious executable content. Furthermore, an extensible framework for executable content filtering streaming message elements allows for efficient adaptation of an executable content filter to new threats disguised as executable content.
Abstract:
In-development vulnerability response management, in one aspect, may detect a code instance that matches a vulnerability pattern; generate one or more hints associated with the code instance in response to the detecting; retrieve an action response to the code instance that matches a vulnerability pattern; and associate the retrieved action response with the code instance.
Abstract:
Access control for each part in an HTML document constituting a Web page is performed according to the origin of the part in the document. Thereby, a content provided by a malicious user or server is prevented from fraudulently reading and writing other parts in the HTML document. More precisely, on a server side, each content (including a JavaScript program) is automatically provided with a label indicating the domain that is the origin of the content. Thereby, the control of accesses to multiple domains (cross domain access control) can be performed on a client side. Under this configuration, a combination of the contents, metadata and the access control policy is transmitted from the server side to the client side.
Abstract:
An anomaly detection system for detecting an anomaly in a plurality of control systems comprises a plurality of analysis devices that are associated with the respective control systems and that acquire an event occurring in an associated control system and analyze the event to determine whether there is an anomaly. A first analysis device among the plurality of analysis devices determines whether an event occurring in the associated control system is to be indicated to a second analysis device among the plurality of analysis devices, and the second analysis device determines that there is an anomaly on condition that the event indicated by the first analysis device has correlation with an event indicated by an analysis device other than the first analysis device.
Abstract:
A method correlates audit information in a multi-tenant computing infrastructure. The method leverages a user's authentication to the infrastructure, such as via federated single sign-on (F-SSO) from an identity provider. Preferably, the user's tenant identifier in the environment is derived based on identity information obtained during the F-SSO exchange. This tenant identifier is propagated to one or more other components in the infrastructure that are accessed by the user. As audit events from multiple components in the computing infrastructure are generated, these audit events are annotated with the tenant identifier and stored in an audit repository. In response to a request to view the tenant's audit data, a collection of tenant-specific audit events is then retrieved from the audit repository and displayed in a single tenant view. This approach ensures that audit event information is not leaked inadvertently between tenants.