Detection of code-based malware
    1.
    Granted patent
    Detection of code-based malware (status: in force)

    Publication number: US08713679B2

    Publication date: 2014-04-29

    Application number: US13031061

    Filing date: 2011-02-18

    IPC classification: G06F21/00

    CPC classification: G06N7/005

    Abstract: This document describes techniques for detection of code-based malware. According to some embodiments, the techniques utilize a collection of known malicious code and known benign code and determine which features of each type of code can be used to determine whether unclassified code is malicious or benign. The features can then be used to train a classifier (e.g., a Bayesian classifier) to characterize unclassified code as malicious or benign. In at least some embodiments, the techniques can be used as part of and/or in cooperation with a web browser to inspect web content (e.g., a web page) to determine if the content includes code-based malware.


    DETECTION OF CODE-BASED MALWARE
    2.
    Patent application
    DETECTION OF CODE-BASED MALWARE (status: in force)

    Publication number: US20120216280A1

    Publication date: 2012-08-23

    Application number: US13031061

    Filing date: 2011-02-18

    IPC classification: G06F11/00 G06F15/18

    CPC classification: G06N7/005

    Abstract: This document describes techniques for detection of code-based malware. According to some embodiments, the techniques utilize a collection of known malicious code and known benign code and determine which features of each type of code can be used to determine whether unclassified code is malicious or benign. The features can then be used to train a classifier (e.g., a Bayesian classifier) to characterize unclassified code as malicious or benign. In at least some embodiments, the techniques can be used as part of and/or in cooperation with a web browser to inspect web content (e.g., a web page) to determine if the content includes code-based malware.


    Execution of multiple execution paths
    3.
    Granted patent
    Execution of multiple execution paths (status: in force)

    Publication number: US09038185B2

    Publication date: 2015-05-19

    Application number: US13339322

    Filing date: 2011-12-28

    IPC classification: G06F11/00 G06F11/36 G06F21/56

    Abstract: Techniques for execution of multiple execution paths are described. In one or more embodiments, an execution of a portion of executable code is conditioned upon a particular environment-specific value. For example, the execution of the executable code can cause one type of output if the value of the variable equals a particular value, and can cause a different type of output if the value of the variable equals a different value. Techniques discussed herein can enable the executable code to be executed such that multiple outputs are produced, e.g., by executing the code according to the different values for the variable. In implementations, the multiple outputs can be analyzed for various attributes, such as presence of malware, implementation and coding errors, and so on.


    Execution of Multiple Execution Paths
    4.
    Patent application
    Execution of Multiple Execution Paths (status: in force)

    Publication number: US20130174258A1

    Publication date: 2013-07-04

    Application number: US13339322

    Filing date: 2011-12-28

    IPC classification: G06F21/00 G06F9/44

    Abstract: Techniques for execution of multiple execution paths are described. In one or more embodiments, an execution of a portion of executable code is conditioned upon a particular environment-specific value. For example, the execution of the executable code can cause one type of output if the value of the variable equals a particular value, and can cause a different type of output if the value of the variable equals a different value. Techniques discussed herein can enable the executable code to be executed such that multiple outputs are produced, e.g., by executing the code according to the different values for the variable. In implementations, the multiple outputs can be analyzed for various attributes, such as presence of malware, implementation and coding errors, and so on.


    COMPRESSING SOURCE CODE WRITTEN IN A SCRIPTING LANGUAGE
    5.
    Patent application
    COMPRESSING SOURCE CODE WRITTEN IN A SCRIPTING LANGUAGE (status: under examination, published)

    Publication number: US20110219357A1

    Publication date: 2011-09-08

    Application number: US12715405

    Filing date: 2010-03-02

    IPC classification: G06F9/44

    CPC classification: G06F9/445 H03M7/30

    Abstract: A method described herein includes at a computing device, receiving, over a network connection, a data packet from an external source, wherein the data packet comprises a compressed abstract syntax tree (AST)-based representation of source code written in a scripting language. The method further includes decompressing the compressed AST-based representation of the source code to generate a decompressed AST. The method also includes causing at least one processor on the computing device to execute at least one instruction represented in the decompressed AST subsequent to the compressed AST-based representation of the source code being decompressed.


    FORMATTING DATA BY EXAMPLE
    8.
    Patent application
    FORMATTING DATA BY EXAMPLE (status: under examination, published)

    Publication number: US20120192051A1

    Publication date: 2012-07-26

    Application number: US13014520

    Filing date: 2011-01-26

    IPC classification: G06F17/00

    CPC classification: G06F17/211

    Abstract: Data formatting rules to convert data from one form to another form are automatically determined based on a user's edits. A machine learning heuristic is applied to a user's edits to determine a data formatting rule that may be applied to data. For example, a user may make edits that add/remove characters from data, concatenate data, extract data, rename data, and the like. The machine learning heuristic may be automatically triggered in response to an event (e.g. after a predetermined number of edits are made to a same type of data) or manually triggered (e.g. selecting a user interface option). The data formatting rule may be applied to other data and the results of the formatting reviewable by the user. Based on further edits/reviews, the data formatting rule may be updated. The data formatting rules may be stored for later use.
