Computer security management, such as in a virtual machine or hardened operating system
    1.
    Granted patent
    Computer security management, such as in a virtual machine or hardened operating system (status: in force)

    Publication No.: US07409719B2

    Publication date: 2008-08-05

    Application No.: US11019094

    Filing date: 2004-12-21

    IPC classification: G06F21/00

    Abstract: A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environment and processes running on the computer outside of the self-contained operating environments.

    On-access scan of memory for malware
    2.
    Granted patent
    On-access scan of memory for malware (status: in force)

    Publication No.: US07836504B2

    Publication date: 2010-11-16

    Application No.: US11070468

    Filing date: 2005-03-01

    CPC classification: G06F12/145 G06F21/562

    Abstract: The present invention provides a system, method, and computer-readable medium for identifying malware that is loaded in the memory of a computing device. Software routines implemented by the present invention track the state of pages loaded in memory using page table access bits available from a central processing unit. A page in memory may be in a state that is “unsafe” or potentially infected with malware. In this instance, the present invention calls a scan engine to search a page for malware before information on the page is executed.

    Systems and methods for verifying trust of executable files
    3.
    Granted patent
    Systems and methods for verifying trust of executable files (status: in force)

    Publication No.: US07490352B2

    Publication date: 2009-02-10

    Application No.: US11100770

    Filing date: 2005-04-07

    IPC classification: G06F21/22 G06F21/00 G06F12/14

    CPC classification: G06F21/51 G06F21/56

    Abstract: Systems and methods for validating integrity of an executable file are described. In one aspect, the systems and methods determine that an executable file is being introduced into a path of execution. The executable file is then automatically evaluated in view of multiple malware checks to detect if the executable file represents a type of malware. The multiple malware checks are integrated into an operating system trust verification process along the path of execution.

    Computer security management, such as in a virtual machine or hardened operating system
    4.
    Patent application
    Computer security management, such as in a virtual machine or hardened operating system (status: in force)

    Publication No.: US20060136720A1

    Publication date: 2006-06-22

    Application No.: US11019094

    Filing date: 2004-12-21

    IPC classification: H04L9/00

    Abstract: A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environment and processes running on the computer outside of the self-contained operating environments.

    System and method of efficiently identifying and removing active malware from a computer
    5.
    Granted patent
    System and method of efficiently identifying and removing active malware from a computer (status: in force)

    Publication No.: US07673341B2

    Publication date: 2010-03-02

    Application No.: US11012892

    Filing date: 2004-12-15

    IPC classification: G06F12/14

    CPC classification: H04L63/1408 G06F21/562

    Abstract: The present invention provides a system, method, and computer-readable medium for identifying and removing active malware from a computer. Aspects of the present invention are included in a cleaner tool that may be obtained automatically with an update service or may be downloaded manually from a Web site or similar distribution system. The cleaner tool includes a specialized scanning engine that searches a computer for active malware. Since the scanning engine only searches for active malware, the amount of data downloaded and resource requirements of the cleaner tool are less than traditional antivirus software. The scanning engine searches specific locations on a computer, such as data mapped in memory, configuration files, and file metadata for data characteristic of malware. If malware is detected, the cleaner tool removes the malware from the computer.

    System and method of selectively scanning a file on a computing device for malware
    7.
    Granted patent
    System and method of selectively scanning a file on a computing device for malware (status: in force)

    Publication No.: US07676845B2

    Publication date: 2010-03-09

    Application No.: US11090086

    Filing date: 2005-03-24

    IPC classification: G06F12/14 G06F7/04

    CPC classification: G06F21/51 G06F21/564

    Abstract: In accordance with this invention, a system, method, and computer-readable medium that selectively scans files stored on a computing device for malware is provided. One or more files may be sent from a trusted source to a computing device that implements the present invention. The integrity of the files that originate from a trusted source is validated using a signature-based hashing function. Any modifications made to files stored on the computing device are tracked by a component of the operating system. In instances when the file is not modified after being validated, an aspect of the present invention prevents the file from being scanned for malware when a scanning event is directed to the file. As a result, the performance of the computing device is improved as static files from trusted sources are not repeatedly scanned for malware.

    System and method of efficiently identifying and removing active malware from a computer
    8.
    Patent application
    System and method of efficiently identifying and removing active malware from a computer (status: in force)

    Publication No.: US20060130141A1

    Publication date: 2006-06-15

    Application No.: US11012892

    Filing date: 2004-12-15

    IPC classification: G06F12/14

    CPC classification: H04L63/1408 G06F21/562

    Abstract: The present invention provides a system, method, and computer-readable medium for identifying and removing active malware from a computer. Aspects of the present invention are included in a cleaner tool that may be obtained automatically with an update service or may be downloaded manually from a Web site or similar distribution system. The cleaner tool includes a specialized scanning engine that searches a computer for active malware. Since the scanning engine only searches for active malware, the amount of data downloaded and resource requirements of the cleaner tool are less than traditional antivirus software. The scanning engine searches specific locations on a computer, such as data mapped in memory, configuration files, and file metadata for data characteristic of malware. If malware is detected, the cleaner tool removes the malware from the computer.

    Dynamic protection of unpatched machines
    9.
    Granted patent
    Dynamic protection of unpatched machines (status: in force)

    Publication No.: US08359645B2

    Publication date: 2013-01-22

    Application No.: US11090679

    Filing date: 2005-03-25

    IPC classification: G06F11/00 G06F12/14

    Abstract: A system and method for protecting a computer system connected to a communication network from a potential vulnerability. The system and method protects a computer system that is about to undergo or has just undergone a change in state that may result in placing the computer system at risk to viruses, and the like, over a communication network. The system and method first detect an imminent or recent change in state. A security component and a fixing component react to the detection of the change in state. The security component may raise the security level to block incoming network information, other than information from a secure or known location, or information requested by the computer system. The fixing component implements a fixing routine, such as installing missing updates or patches, and on successfully completing the fixing routine, the security level is relaxed or lowered.
